Lucene search

[email protected]NVD:CVE-2010-1807

HistorySep 10, 2010 - 7:00 p.m.

CVE-2010-1807

2010-09-1019:00:02

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.6

Confidence

High

EPSS

0.922

Percentile

99.0%

JSON

WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.

Affected configurations

Nvd

Node

applesafariMatch4.0

applesafariMatch4.0beta

applesafariMatch4.0.0b

applesafariMatch4.0.1

applesafariMatch4.0.2

applesafariMatch4.0.3

applesafariMatch4.0.4

applesafariMatch4.0.5

applesafariMatch4.1

applesafariMatch4.1.1

Node

applesafariMatch5.0

applesafariMatch5.0.1

Node

googleandroidRange≤2.1

googleandroidMatch1.0

googleandroidMatch1.1

googleandroidMatch1.5

googleandroidMatch1.6

googleandroidMatch2.0

Node

webkitgtkwebkitgtkRange≤1.2.5

webkitgtkwebkitgtkMatch1.2.0

webkitgtkwebkitgtkMatch1.2.1

webkitgtkwebkitgtkMatch1.2.2

webkitgtkwebkitgtkMatch1.2.3

webkitgtkwebkitgtkMatch1.2.4

VendorProductVersionCPE
applesafari4.0cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*
applesafari4.0cpe:2.3:a:apple:safari:4.0:beta:*:*:*:*:*:*
applesafari4.0.0bcpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*
applesafari4.0.1cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*
applesafari4.0.2cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*
applesafari4.0.3cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*
applesafari4.0.4cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*
applesafari4.0.5cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*
applesafari4.1cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*
applesafari4.1.1cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	safari	4.0	cpe:2.3:a:apple:safari:4.0:::::::*
apple	safari	4.0	cpe:2.3:a:apple:safari:4.0:beta::::::
apple	safari	4.0.0b	cpe:2.3:a:apple:safari:4.0.0b:::::::*
apple	safari	4.0.1	cpe:2.3:a:apple:safari:4.0.1:::::::*
apple	safari	4.0.2	cpe:2.3:a:apple:safari:4.0.2:::::::*
apple	safari	4.0.3	cpe:2.3:a:apple:safari:4.0.3:::::::*
apple	safari	4.0.4	cpe:2.3:a:apple:safari:4.0.4:::::::*
apple	safari	4.0.5	cpe:2.3:a:apple:safari:4.0.5:::::::*
apple	safari	4.1	cpe:2.3:a:apple:safari:4.1:::::::*
apple	safari	4.1.1	cpe:2.3:a:apple:safari:4.1.1:::::::*