Design/Logic Flaw

2009-06-1018:00:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.058 Low

EPSS

Percentile

93.2%

JSON

Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified “caches.”

CPENameOperatorVersion
safarieq3.1.2 mac
safarieq3.2.1 mac
safarieq0.9 mac
safarieq1.3.2 mac
safarieq1.2 mac
safarieq3.0.4 mac
safarieq3.0.3 mac
safarieq1.3.1 mac
safarieq2.0.4 mac
safarieq3.0 mac

Name	Operator	Version
safari	eq	3.1.2 mac
safari	eq	3.2.1 mac
safari	eq	0.9 mac
safari	eq	1.3.2 mac
safari	eq	1.2 mac
safari	eq	3.0.4 mac
safari	eq	3.0.3 mac
safari	eq	1.3.1 mac
safari	eq	2.0.4 mac
safari	eq	3.0 mac