Lucene search

K
cveMitreCVE-2010-2300
HistoryJun 15, 2010 - 6:00 p.m.

CVE-2010-2300

2010-06-1518:00:02
CWE-416
mitre
web.nvd.nist.gov
34
cve-2010-2300
vulnerability
webcore
webkit
google chrome
remote attackers
arbitrary code
dom mutation events

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.6

Confidence

High

EPSS

0.14

Percentile

95.7%

Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to handlers for DOM mutation events, aka rdar problem 7948784. NOTE: this might overlap CVE-2010-1759.

Affected configurations

Nvd
Node
googlechromeRange<5.0.375.70
VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.6

Confidence

High

EPSS

0.14

Percentile

95.7%