Lucene search

PRIOn knowledge basePRION:CVE-2010-1403

HistoryJun 11, 2010 - 6:00 p.m.

Design/Logic Flaw

2010-06-1118:00:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.086 Low

EPSS

Percentile

94.3%

JSON

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document containing XML that triggers a parsing error, related to ProcessInstruction.

CPENameOperatorVersion
safarile4.0.5
safarieq4.0
safarieq4.0.98
safarieq4.0.1
safarieq4.0.2
safarieq4.0.3
safarieq4.0.4
safarile4.0.5
safarieq4.0
safarieq4.0.98

Name	Operator	Version
safari	le	4.0.5
safari	eq	4.0
safari	eq	4.0.98
safari	eq	4.0.1
safari	eq	4.0.2
safari	eq	4.0.3
safari	eq	4.0.4
safari	le	4.0.5
safari	eq	4.0
safari	eq	4.0.98

Rows per page:

1-10 of 141

References

lists.apple.com/archives/security-announce/2010//Jun/msg00002.html

lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

lists.apple.com/archives/security-announce/2010/Jun/msg00000.html

lists.apple.com/archives/security-announce/2010/Jun/msg00003.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

secunia.com/advisories/40105

secunia.com/advisories/40196

secunia.com/advisories/41856

secunia.com/advisories/42314

secunia.com/advisories/43068

securitytracker.com/id?1024067

support.apple.com/kb/HT4196

support.apple.com/kb/HT4220

support.apple.com/kb/HT4225

support.apple.com/kb/HT4456

www.mandriva.com/security/advisories?name=MDVSA-2011:039

www.securityfocus.com/archive/1/511722/100/0/threaded

www.securityfocus.com/bid/40620

www.ubuntu.com/usn/USN-1006-1

www.vupen.com/english/advisories/2010/1373

www.vupen.com/english/advisories/2010/1512

www.vupen.com/english/advisories/2010/2722

www.vupen.com/english/advisories/2011/0212

www.vupen.com/english/advisories/2011/0552

www.zerodayinitiative.com/advisories/ZDI-10-099/

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7519

8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.086 Low

EPSS

Percentile

94.3%

JSON

Related for PRION:CVE-2010-1403