CVSS: 6.8EPSS: 90%CPEs: 7EXPL: 0CVE-2010-1814 – webkit: memory corruption flaw when handling form menus
https://notcve.org/view.php?id=CVE-2010-1814
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. WebKit en Apple OI anterior a v4.1 en el iPhone y el iPod touch permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de vectores que implican form menus. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia.com/advisories/43086 http://support.apple.com/kb/HT4334 http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 85%CPEs: 7EXPL: 0CVE-2010-1815 – webkit: use-after-free flaw when handling scrollbars
https://notcve.org/view.php?id=CVE-2010-1815
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. Vulnerabilidad de uso después de la liberación en WebKit en Apple iOS anterior a v4.1 en iPhone e iPod touch, permite a atacantes remotos producir una denegación de servicio (caída de aplicación) mediante vectores que comprenden las barras de desplazamiento. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia.com/advisories/43086 http://support.apple.com/kb/HT4334 http:&# • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 6.8EPSS: 85%CPEs: 7EXPL: 0CVE-2010-1812 – webkit: use-after-free flaw in handling of selections
https://notcve.org/view.php?id=CVE-2010-1812
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections. Vulnerabilidad de uso después de la liberación en WebKit en Apple iOS anterior a v4.1 en el iPhone e iPod touch, permite a atacantes remotos producir una denegación de servicio (caída de la aplicación) mediante vectores que comprenden selecciones. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia.com/advisories/43086 http://support.apple.com/kb/HT4334 http:&# • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2010-3259 – webkit: cross-origin image theft
https://notcve.org/view.php?id=CVE-2010-3259
WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site. Google Chrome anterior a v6.0.472.53 no restringe apropiadamente el acceso de lectura a las imágenes, lo que permite a atacantes remotos evitar la "Same Origin Policy" y obtener información potencialmente sensible a través de vectores sin especificar • http://code.google.com/p/chromium/issues/detail?id=53001 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 2%CPEs: 2EXPL: 0CVE-2010-3255 – webkit: DoS via improper handling of counter nodes
https://notcve.org/view.php?id=CVE-2010-3255
Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Chrome de Google anterior a versión 6.0.472.53 y webkitgtk anterior a versión 1.2.6, no maneja apropiadamente los nodos contadores, lo que permite a los atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado por medio de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=51653 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html http://secunia.com/advisories/43086 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.vupen.com/english/advisories/2011/0216 http://www.vupen.com/english/advisories/2011/0552 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11736&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •