Lucene search

K
cveAppleCVE-2010-1807
HistorySep 10, 2010 - 7:00 p.m.

CVE-2010-1807

2010-09-1019:00:02
CWE-20
apple
web.nvd.nist.gov
121
webkit
apple safari
android
webkitgtk
cve-2010-1807
vulnerability
remote code execution
denial of service
nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.9

Confidence

High

EPSS

0.922

Percentile

99.0%

WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.

Affected configurations

Nvd
Node
applesafariMatch4.0
OR
applesafariMatch4.0beta
OR
applesafariMatch4.0.0b
OR
applesafariMatch4.0.1
OR
applesafariMatch4.0.2
OR
applesafariMatch4.0.3
OR
applesafariMatch4.0.4
OR
applesafariMatch4.0.5
OR
applesafariMatch4.1
OR
applesafariMatch4.1.1
Node
applesafariMatch5.0
OR
applesafariMatch5.0.1
Node
googleandroidRange2.1
OR
googleandroidMatch1.0
OR
googleandroidMatch1.1
OR
googleandroidMatch1.5
OR
googleandroidMatch1.6
OR
googleandroidMatch2.0
Node
webkitgtkwebkitgtkRange1.2.5
OR
webkitgtkwebkitgtkMatch1.2.0
OR
webkitgtkwebkitgtkMatch1.2.1
OR
webkitgtkwebkitgtkMatch1.2.2
OR
webkitgtkwebkitgtkMatch1.2.3
OR
webkitgtkwebkitgtkMatch1.2.4
VendorProductVersionCPE
applesafari4.0cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*
applesafari4.0cpe:2.3:a:apple:safari:4.0:beta:*:*:*:*:*:*
applesafari4.0.0bcpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*
applesafari4.0.1cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*
applesafari4.0.2cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*
applesafari4.0.3cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*
applesafari4.0.4cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*
applesafari4.0.5cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*
applesafari4.1cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*
applesafari4.1.1cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 241

References

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.9

Confidence

High

EPSS

0.922

Percentile

99.0%