Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-3812
HistoryNov 22, 2010 - 1:00 p.m.

CVE-2010-3812

2010-11-2213:00:18
CWE-189
[email protected]
web.nvd.nist.gov
47
cve-2010-3812
integer overflow
text::wholetext method
webkit
apple safari
remote code execution
denial of service
nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.3 High

AI Score

Confidence

High

0.063 Low

EPSS

Percentile

93.7%

JSON

Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Text objects.

Affected configurations

NVD
Node
applesafariRange5.0.2
OR
applesafariMatch5.0
OR
applesafariMatch5.0.1
OR
applewebkit
AND
applemac_os_xMatch10.5
OR
applemac_os_xMatch10.5.0
OR
applemac_os_xMatch10.5.1
OR
applemac_os_xMatch10.5.2
OR
applemac_os_xMatch10.5.3
OR
applemac_os_xMatch10.5.4
OR
applemac_os_xMatch10.5.5
OR
applemac_os_xMatch10.5.6
OR
applemac_os_xMatch10.5.7
OR
applemac_os_xMatch10.5.8
OR
applemac_os_xMatch10.6.0
OR
applemac_os_xMatch10.6.1
OR
applemac_os_xMatch10.6.2
OR
applemac_os_xMatch10.6.3
OR
applemac_os_xMatch10.6.4
OR
applemac_os_xMatch10.6.5
OR
applemac_os_x_serverMatch10.5
OR
applemac_os_x_serverMatch10.5.0
OR
applemac_os_x_serverMatch10.5.1
OR
applemac_os_x_serverMatch10.5.2
OR
applemac_os_x_serverMatch10.5.3
OR
applemac_os_x_serverMatch10.5.4
OR
applemac_os_x_serverMatch10.5.5
OR
applemac_os_x_serverMatch10.5.6
OR
applemac_os_x_serverMatch10.5.7
OR
applemac_os_x_serverMatch10.5.8
OR
applemac_os_x_serverMatch10.6.0
OR
applemac_os_x_serverMatch10.6.1
OR
applemac_os_x_serverMatch10.6.2
OR
applemac_os_x_serverMatch10.6.3
OR
applemac_os_x_serverMatch10.6.4
OR
applemac_os_x_serverMatch10.6.5
OR
microsoftwindows_7
OR
microsoftwindows_vista
OR
microsoftwindows_xpsp2
Node
applesafariRange4.1.2
OR
applesafariMatch1.0
OR
applesafariMatch1.0beta
OR
applesafariMatch1.0beta2
OR
applesafariMatch1.0.0
OR
applesafariMatch1.0.0b1
OR
applesafariMatch1.0.0b2
OR
applesafariMatch1.0.1
OR
applesafariMatch1.0.2
OR
applesafariMatch1.0.3
OR
applesafariMatch1.0.385.8
OR
applesafariMatch1.0.385.8.1
OR
applesafariMatch1.1
OR
applesafariMatch1.1.0
OR
applesafariMatch1.1.1
OR
applesafariMatch1.2
OR
applesafariMatch1.2.0
OR
applesafariMatch1.2.1
OR
applesafariMatch1.2.2
OR
applesafariMatch1.2.3
OR
applesafariMatch1.2.4
OR
applesafariMatch1.2.5
OR
applesafariMatch1.3
OR
applesafariMatch1.3.0
OR
applesafariMatch1.3.1
OR
applesafariMatch1.3.2
OR
applesafariMatch1.3.2312.5
OR
applesafariMatch1.3.2312.6
OR
applesafariMatch2
OR
applesafariMatch2.0
OR
applesafariMatch2.0.0
OR
applesafariMatch2.0.1
OR
applesafariMatch2.0.2
OR
applesafariMatch2.0.3
OR
applesafariMatch2.0.3417.8
OR
applesafariMatch2.0.3417.9
OR
applesafariMatch2.0.3417.9.2
OR
applesafariMatch2.0.3417.9.3
OR
applesafariMatch2.0.4
OR
applesafariMatch3
OR
applesafariMatch3.0
OR
applesafariMatch3.0.0
OR
applesafariMatch3.0.0b
OR
applesafariMatch3.0.1
OR
applesafariMatch3.0.1b
OR
applesafariMatch3.0.2
OR
applesafariMatch3.0.2b
OR
applesafariMatch3.0.3
OR
applesafariMatch3.0.3b
OR
applesafariMatch3.0.4
OR
applesafariMatch3.0.4b
OR
applesafariMatch3.1.0
OR
applesafariMatch3.1.0b
OR
applesafariMatch3.1.1
OR
applesafariMatch3.1.2
OR
applesafariMatch3.2.0
OR
applesafariMatch3.2.1
OR
applesafariMatch3.2.2
OR
applesafariMatch4.1
OR
applesafariMatch4.1.1
OR
applewebkit
AND
applemac_os_xMatch10.4
OR
applemac_os_xMatch10.4.0
OR
applemac_os_xMatch10.4.1
OR
applemac_os_xMatch10.4.2
OR
applemac_os_xMatch10.4.3
OR
applemac_os_xMatch10.4.4
OR
applemac_os_xMatch10.4.5
OR
applemac_os_xMatch10.4.6
OR
applemac_os_xMatch10.4.7
OR
applemac_os_xMatch10.4.8
OR
applemac_os_xMatch10.4.9
OR
applemac_os_xMatch10.4.10
OR
applemac_os_xMatch10.4.11
OR
applemac_os_x_serverMatch10.4
OR
applemac_os_x_serverMatch10.4.0
OR
applemac_os_x_serverMatch10.4.1
OR
applemac_os_x_serverMatch10.4.2
OR
applemac_os_x_serverMatch10.4.3
OR
applemac_os_x_serverMatch10.4.4
OR
applemac_os_x_serverMatch10.4.5
OR
applemac_os_x_serverMatch10.4.6
OR
applemac_os_x_serverMatch10.4.7
OR
applemac_os_x_serverMatch10.4.8
OR
applemac_os_x_serverMatch10.4.9
OR
applemac_os_x_serverMatch10.4.10
OR
applemac_os_x_serverMatch10.4.11

References

Related

veracode 1
debiancve 1
zdi 1
cvelist 1
prion 1
nvd 1
ubuntucve 1
nessus 12
freebsd 1
openvas 16
ubuntu 1
securityvulns 1
oraclelinux 1
redhat 1
fedora 2
gentoo 1
veracode
veracode
Integer Overflows
2020-04-10 00:53:20
debiancve
debiancve
CVE-2010-3812
2010-11-22 13:00:00
zdi
zdi
Apple Webkit WholeText Integer Overflow Remote Code Execution Vulnerability
2010-11-23 00:00:00
cvelist
cvelist
CVE-2010-3812
2010-11-20 21:00:00
prion
prion
Integer overflow
2010-11-22 13:00:00
nvd
nvd
CVE-2010-3812
2010-11-22 13:00:18
ubuntucve
ubuntucve
CVE-2010-3812
2010-11-22 00:00:00
nessus
nessus
Fedora 13 : webkitgtk-1.2.6-1.fc13 (2011-0121)
2011-01-10 00:00:00
FreeBSD : webkit-gtk2 -- Multiple vulnerabilities (06a12e26-142e-11e0-bea2-0015f2db7bde)
2011-01-03 00:00:00
Ubuntu 10.04 LTS / 10.10 : webkit vulnerabilities (USN-1195-1)
2011-08-24 00:00:00
freebsd
freebsd
webkit-gtk2 -- Multiple vulnerabilities
2010-12-28 00:00:00
openvas
openvas
FreeBSD Ports: webkit-gtk2
2011-01-24 00:00:00
FreeBSD Ports: webkit-gtk2
2011-01-24 00:00:00
Apple Safari Webkit Multiple Vulnerabilities - Nov10
2010-11-23 00:00:00
ubuntu
ubuntu
WebKit vulnerabilities
2011-08-23 00:00:00
securityvulns
securityvulns
About the security content of Safari 5.0.3 and Safari 4.1.3
2010-11-20 00:00:00
oraclelinux
oraclelinux
webkitgtk security update
2011-02-10 00:00:00
redhat
redhat
(RHSA-2011:0177) Moderate: webkitgtk security update
2011-01-25 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: webkitgtk-1.2.6-1.fc13
2011-01-07 20:01:55
[SECURITY] Fedora 13 Update: webkitgtk-1.2.7-1.fc13
2011-02-18 01:51:56
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2011
2014-12-11 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.3 High

AI Score

Confidence

High

0.063 Low

EPSS

Percentile

93.7%

JSON
Related for CVE-2010-3812
veracode1debiancve1zdi1cvelist1prion1nvd1ubuntucve1nessus12freebsd1openvas16ubuntu1securityvulns1oraclelinux1redhat1fedora2gentoo1