Lucene search

[email protected]CVE-2010-1789

HistoryJul 30, 2010 - 8:30 p.m.

CVE-2010-1789

2010-07-3020:30:02

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-1789

webkit

apple safari

buffer overflow

remote attackers

arbitrary code

denial of service

javascript

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.7 High

AI Score

Confidence

High

0.068 Low

EPSS

Percentile

93.9%

JSON

Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a JavaScript string object.

Affected configurations

NVD

Node

applesafariRange≤5.0

applesafariMatch4.0

applesafariMatch4.0.0b

applesafariMatch4.0.1

applesafariMatch4.0.2

applesafariMatch4.0.3

applesafariMatch4.0.4

applesafariMatch4.0.5

applewebkit

AND

applemac_os_xMatch10.5

applemac_os_xMatch10.5.0

applemac_os_xMatch10.5.1

applemac_os_xMatch10.5.2

applemac_os_xMatch10.5.3

applemac_os_xMatch10.5.4

applemac_os_xMatch10.5.5

applemac_os_xMatch10.5.6

applemac_os_xMatch10.5.7

applemac_os_xMatch10.5.8

applemac_os_xMatch10.6.0

applemac_os_xMatch10.6.1

applemac_os_xMatch10.6.2

applemac_os_xMatch10.6.3

applemac_os_xMatch10.6.4

applemac_os_x_serverMatch10.5

applemac_os_x_serverMatch10.5.0

applemac_os_x_serverMatch10.5.1

applemac_os_x_serverMatch10.5.2

applemac_os_x_serverMatch10.5.3

applemac_os_x_serverMatch10.5.4

applemac_os_x_serverMatch10.5.5

applemac_os_x_serverMatch10.5.6

applemac_os_x_serverMatch10.5.7

applemac_os_x_serverMatch10.5.8

applemac_os_x_serverMatch10.6.0

applemac_os_x_serverMatch10.6.1

applemac_os_x_serverMatch10.6.2

applemac_os_x_serverMatch10.6.3

applemac_os_x_serverMatch10.6.4

microsoftwindows_7

microsoftwindows_vista

microsoftwindows_xpsp2

microsoftwindows_xpsp3

Node

applesafariRange≤4.1

applesafariMatch4.0

applesafariMatch4.0.0b

applesafariMatch4.0.1

applesafariMatch4.0.2

applesafariMatch4.0.3

applesafariMatch4.0.4

applesafariMatch4.0.5

applewebkit

AND

applemac_os_xMatch10.4

applemac_os_xMatch10.4.0

applemac_os_xMatch10.4.1

applemac_os_xMatch10.4.2

applemac_os_xMatch10.4.3

applemac_os_xMatch10.4.4

applemac_os_xMatch10.4.5

applemac_os_xMatch10.4.6

applemac_os_xMatch10.4.7

applemac_os_xMatch10.4.8

applemac_os_xMatch10.4.9

applemac_os_xMatch10.4.10

applemac_os_xMatch10.4.11

applemac_os_x_serverMatch10.4

applemac_os_x_serverMatch10.4.0

applemac_os_x_serverMatch10.4.1

applemac_os_x_serverMatch10.4.2

applemac_os_x_serverMatch10.4.3

applemac_os_x_serverMatch10.4.4

applemac_os_x_serverMatch10.4.5

applemac_os_x_serverMatch10.4.6

applemac_os_x_serverMatch10.4.7

applemac_os_x_serverMatch10.4.8

applemac_os_x_serverMatch10.4.9

applemac_os_x_serverMatch10.4.10

applemac_os_x_serverMatch10.4.11

CPENameOperatorVersion
apple:safariapple safarile5.0
apple:safariapple safarieq4.0
apple:safariapple safarieq4.0.0b
apple:safariapple safarieq4.0.1
apple:safariapple safarieq4.0.2
apple:safariapple safarieq4.0.3
apple:safariapple safarieq4.0.4
apple:safariapple safarieq4.0.5
apple:webkitapple webkiteq*

CPE	Name	Operator	Version
apple:safari	apple safari	le	5.0
apple:safari	apple safari	eq	4.0
apple:safari	apple safari	eq	4.0.0b
apple:safari	apple safari	eq	4.0.1
apple:safari	apple safari	eq	4.0.2
apple:safari	apple safari	eq	4.0.3
apple:safari	apple safari	eq	4.0.4
apple:safari	apple safari	eq	4.0.5
apple:webkit	apple webkit	eq	*