Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-3257
HistorySep 07, 2010 - 12:00 a.m.

CVE-2010-3257

2010-09-0700:00:00
ubuntu.com
ubuntu.com
15

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.047

Percentile

92.7%

Use-after-free vulnerability in WebKit, as used in Apple Safari before
4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and
webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code
or cause a denial of service (application crash) via vectors involving
element focus.

Notes

Author Note
jdstrand qt4-x11 unmaintained upstream (see README.webkit for details) webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit.
mdeslaur webkitkde is a wrapper around qt4-x11’s webkit.
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchchromium-browser< 6.0.472.53~r57914-0ubuntu0.10.04.1UNKNOWN
ubuntu9.10noarchwebkit< 1.2.5-0ubuntu0.9.10.1UNKNOWN
ubuntu10.04noarchwebkit< 1.2.5-0ubuntu0.10.04.1UNKNOWN
ubuntu10.10noarchwebkit< 1.2.5-0ubuntu0.10.10.1UNKNOWN

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.047

Percentile

92.7%