CVSS: 9.7EPSS: 3%CPEs: 2EXPL: 1CVE-2010-1824 – Apple Webkit Error Message Mutation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1824
Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages. Vulnerabilidad de usar después de liberar en WebKit, como se utiliza en Google Chrome en versiones anteriores a la v6.0.472.59, permiten a atacantes remotos provocar una denegación de servicio y posiblemente provocar otros daños a través de vectores de ataque relacionados con estilos SVG. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the methodology the application takes to inform a user about an error while parsing a malformed document. When displaying the error message, the application will append the message to the current instance of the DOM tree causing another element to be removed which will lead to the styles being recalculated. • http://code.google.com/p/chromium/issues/detail?id=50712 http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://support.apple.com/kb/HT4554 http://support.apple.com/kb/HT4566 http://www.vupen.com/english/advisories/2011/0212 http://www.zerodayinitiative.com/advisories&#x • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 59EXPL: 0CVE-2010-1795
https://notcve.org/view.php?id=CVE-2010-1795
Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory. Vulnerabilidad de ruta de búsqueda no confiable en Apple iTunes anterior a v9.1, cuando se ejecuta en Windows 7, Vista, y XP, permite a atacantes obtener privilegios a través de una DDL que es un troyano en el directorio actual de trabajo. • http://support.apple.com/kb/HT4105 http://www.acrossecurity.com/aspr/ASPR-2010-08-18-1-PUB.txt http://www.securityfocus.com/archive/1/513190/100/0/threaded http://www.securityfocus.com/bid/42541 https://exchange.xforce.ibmcloud.com/vulnerabilities/61223 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7217 •
CVSS: 6.9EPSS: 0%CPEs: 60EXPL: 0CVE-2010-1768
https://notcve.org/view.php?id=CVE-2010-1768
Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch. Vulnerabilidad sin especificar en Apple iTunes anterior a v9.1 permite a usuarios locales obtener privilegios de consola a través de vectores relacionados con archivos log, "operación de archivos inseguros", y sincornizando un iPhone, iPad, o iPod touch. • http://support.apple.com/kb/HT4105 http://www.securityfocus.com/bid/42538 https://exchange.xforce.ibmcloud.com/vulnerabilities/61222 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7604 •
CVSS: 9.3EPSS: 1%CPEs: 71EXPL: 0CVE-2010-1777
https://notcve.org/view.php?id=CVE-2010-1777
Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL. Desbordamiento de búfer en Apple iTunes en versiones anteriores a la v9.2.1 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de un itpc: URL modificado. • http://lists.apple.com/archives/security-announce/2010//Jul/msg00000.html http://support.apple.com/kb/HT4263 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6988 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 2%CPEs: 24EXPL: 0CVE-2010-2249 – libpng: Memory leak when processing Physical Scale (sCAL) images
https://notcve.org/view.php?id=CVE-2010-2249
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. Fuga de memoria en pngrutil.c en libpng anteriores a v1.2.44 y v1.4.x anteriores a v.1.4.3, permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída de aplicación) a través de una imagen que contiene un troceado mal formado del Physical Scale (también conocido como sCAL) • http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html http&# • CWE-401: Missing Release of Memory after Effective Lifetime •