Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-1412
HistoryJun 11, 2010 - 12:00 a.m.

CVE-2010-1412

2010-06-1100:00:00
ubuntu.com
ubuntu.com
18
webkit
safari
remote attackers
execution
denial of service
hover events

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.14

Percentile

95.8%

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS
X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows
remote attackers to execute arbitrary code or cause a denial of service
(application crash) via vectors related to hover events.

Bugs

Notes

Author Note
jdstrand qt4-x11 unmaintained upstream (see README.webkit for details) webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit.
mdeslaur webkitkde is a wrapper around qt4-x11’s webkit.
OSVersionArchitecturePackageVersionFilename
ubuntu9.10noarchwebkit< 1.2.5-0ubuntu0.9.10.1UNKNOWN
ubuntu10.04noarchwebkit< 1.2.5-0ubuntu0.10.04.1UNKNOWN

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.14

Percentile

95.8%