Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiWushi of team509ZDI-10-144
HistoryAug 09, 2010 - 12:00 a.m.

Apple Webkit Rendering Counter Remote Code Execution Vulnerability

2010-08-0900:00:00
wushi of team509
www.zerodayinitiative.com
17

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.23 Low

EPSS

Percentile

96.5%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari’s Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit’s support for generated content. When utilizing generated content on a particular element, the library will insert more than one reference of the generated element element. During page destruction the application will navigate through the reference to discover more elements to destroy. This can lead to code execution under the context of the application.

Related

cve 1
checkpoint_advisories 1
prion 1
debiancve 1
veracode 1
ubuntucve 1
securityvulns 3
nessus 18
openvas 23
freebsd 1
oraclelinux 1
redhat 1
fedora 6
gentoo 1
cve
cve
CVE-2010-1784
2010-07-30 20:30:00
checkpoint_advisories
checkpoint_advisories
Apple Safari WebKit Rendering Counter Code Execution (CVE-2010-1784)
2010-11-08 00:00:00
prion
prion
Memory corruption
2010-07-30 20:30:00
debiancve
debiancve
CVE-2010-1784
2010-07-30 20:30:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:53:15
ubuntucve
ubuntucve
CVE-2010-1784
2010-07-30 00:00:00
securityvulns
securityvulns
ZDI-10-144: Apple Webkit Rendering Counter Remote Code Execution Vulnerability
2010-08-11 00:00:00
Apple Webkit / Safari multiple security vulnerabilities
2010-08-14 00:00:00
About the security content of Safari 5.0.1 and Safari 4.1.1
2010-08-08 00:00:00
nessus
nessus
openSUSE Security Update : libwebkit (openSUSE-SU-2010:0666-1)
2014-06-13 00:00:00
Apple iTunes < 10.0 Multiple (credentialed check)
2010-09-02 00:00:00
FreeBSD : webkit-gtk2 -- Multiple vulnerabilities (9bcfd7b6-bcda-11df-9a6a-0015f2db7bde)
2010-09-12 00:00:00
openvas
openvas
FreeBSD Ports: webkit-gtk2
2010-10-10 00:00:00
FreeBSD Ports: webkit-gtk2
2010-10-10 00:00:00
Apple Safari Multiple Vulnerabilities (Jul 2010)
2010-08-02 00:00:00
freebsd
freebsd
webkit-gtk2 -- Multiple vulnerabilities
2010-09-07 00:00:00
oraclelinux
oraclelinux
webkitgtk security update
2011-02-10 00:00:00
redhat
redhat
(RHSA-2011:0177) Moderate: webkitgtk security update
2011-01-25 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: webkitgtk-1.2.4-1.fc13
2010-09-15 05:40:48
[SECURITY] Fedora 12 Update: webkitgtk-1.2.4-1.fc12
2010-09-21 01:43:18
[SECURITY] Fedora 12 Update: webkitgtk-1.2.5-1.fc12
2010-10-19 07:09:06
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2011
2014-12-11 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.23 Low

EPSS

Percentile

96.5%

JSON
Related for ZDI-10-144
cve1checkpoint_advisories1prion1debiancve1veracode1ubuntucve1securityvulns3nessus18openvas23freebsd1oraclelinux1redhat1fedora6gentoo1