Lucene search

K
nvd[email protected]NVD:CVE-2010-3257
HistorySep 07, 2010 - 6:00 p.m.

CVE-2010-3257

2010-09-0718:00:02
CWE-416
web.nvd.nist.gov
8

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.7

Confidence

High

EPSS

0.047

Percentile

92.7%

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus.

Affected configurations

Nvd
Node
googlechromeRange<6.0.472.53
Node
webkitgtkwebkitgtkRange<1.2.6
Node
applesafariRange<4.1.3
OR
applesafariRange5.05.0.3
OR
appleiphone_osRange<4.2
Node
canonicalubuntu_linuxMatch9.10
OR
canonicalubuntu_linuxMatch10.04-
OR
canonicalubuntu_linuxMatch10.10
VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
webkitgtkwebkitgtk*cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
applesafari*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
canonicalubuntu_linux9.10cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
canonicalubuntu_linux10.04cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
canonicalubuntu_linux10.10cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

References

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.7

Confidence

High

EPSS

0.047

Percentile

92.7%