Lucene search

K

PRIOn knowledge basePRION:CVE-2010-3259

HistorySep 07, 2010 - 6:00 p.m.

Design/Logic Flaw

2010-09-0718:00:00

PRIOn knowledge base

www.prio-n.com

3

5.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.2%

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site.

CPENameOperatorVersion
iphone_oslt4.2
safarilt4.1.3
safarige5.0
safarilt5.0.3
ubuntu_linuxeq10.10
ubuntu_linuxeq9.10
ubuntu_linuxeq10.04
chromelt6.0.472.53
webkitgtklt1.2.6

References

lists.apple.com/archives/security-announce/2010//Nov/msg00002.html

lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

secunia.com/advisories/41856

secunia.com/advisories/42314

secunia.com/advisories/43068

secunia.com/advisories/43086

support.apple.com/kb/HT4455

support.apple.com/kb/HT4456

www.mandriva.com/security/advisories?name=MDVSA-2011:039

www.redhat.com/support/errata/RHSA-2011-0177.html

www.securityfocus.com/bid/44206

www.ubuntu.com/usn/USN-1006-1

www.vupen.com/english/advisories/2010/2722

www.vupen.com/english/advisories/2010/3046

www.vupen.com/english/advisories/2011/0212

www.vupen.com/english/advisories/2011/0216

www.vupen.com/english/advisories/2011/0552

code.google.com/p/chromium/issues/detail?id=53001

googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11221

technet.microsoft.com/library/security/msvr11-002

5.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.2%

Related for PRION:CVE-2010-3259

ubuntucve1 debiancve1 cve1 cvelist1 nvd1 veracode1 msvr1 nessus14 openvas21 freebsd1 securityvulns2 oraclelinux1 redhat1 fedora4 gentoo1