CVSS: 9.7EPSS: 3%CPEs: 2EXPL: 1CVE-2010-1824 – Apple Webkit Error Message Mutation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1824
Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages. Vulnerabilidad de usar después de liberar en WebKit, como se utiliza en Google Chrome en versiones anteriores a la v6.0.472.59, permiten a atacantes remotos provocar una denegación de servicio y posiblemente provocar otros daños a través de vectores de ataque relacionados con estilos SVG. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the methodology the application takes to inform a user about an error while parsing a malformed document. When displaying the error message, the application will append the message to the current instance of the DOM tree causing another element to be removed which will lead to the styles being recalculated. • http://code.google.com/p/chromium/issues/detail?id=50712 http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://support.apple.com/kb/HT4554 http://support.apple.com/kb/HT4566 http://www.vupen.com/english/advisories/2011/0212 http://www.zerodayinitiative.com/advisories&#x • CWE-416: Use After Free •
CVSS: 8.8EPSS: 3%CPEs: 9EXPL: 1CVE-2010-1772
https://notcve.org/view.php?id=CVE-2010-1772
Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site, related to failure to stop timers associated with geolocation upon deletion of a document. Vulnerabilidad de usar después de liberar en page/Geolocation.cpp de WebCore en WebKit en versiones anteriores a la r59859, como se ha utilizado en Google Chrome en versiones anteriores a la v5.0.375.70, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de una página web modificada, relacionado con un fallo al detener los temporizadores asociados con la geolocalización al borrar un documento. • http://code.google.com/p/chromium/issues/detail?id=44868 http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044031.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40072 http://secunia.com/advisories/40557 http://secunia.com/advisories/41856 http://secunia.com/adviso • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 235EXPL: 0CVE-2010-1767
https://notcve.org/view.php?id=CVE-2010-1767
Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a crafted synchronous preflight XMLHttpRequest operation. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en loader/DocumentThreadableLoader.cpp de WebCore en WebKit en versiones anteriores a la r57041, como es utilizado en Google Chrome en versiones anteriores a la v4.1.249.1059, permite a atacantes remotos secuestrar la autenticación de víctimas sin especificar a tráves de una operación "synchronous preflight XMLHttpRequest" modificada. • http://code.google.com/p/chromium/issues/detail?id=39698 http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/64002 http://secunia.com/advisories/39544 http://secunia.com/advisories/41856 http://secunia.com/advisories/43068 http://security-tracker.debian.org/tracker/CVE-2010-1767 http://trac.webkit.org/changeset/57041 http://www.mandriva.com/security/advisories?nam • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 1CVE-2010-1825
https://notcve.org/view.php?id=CVE-2010-1825
Use-after-free vulnerability in WebKit, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to nested SVG elements. Vulnerabilidad de usar después de liberar en WebKit, como se utiliza en Google Chrome en versiones anteriores a la v6.0.472.59, permiten a atacantes remotos provocar una denegación de servicio y posiblemente provocar otros daños a través de vectores de ataque relacionados con elementos SVG anidados. • http://code.google.com/p/chromium/issues/detail?id=51252 http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://www.vupen.com/english/advisories/2011/0212 https://bugs.webkit.org/show_bug.cgi?id=43587 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7202 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 1%CPEs: 3EXPL: 0CVE-2010-1823
https://notcve.org/view.php?id=CVE-2010-1823
Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098. Vulnerabilidad de usar después de liberar en WebKit en versiones anteriores a la vr65958, como se utiliza en Google Chrome en versiones anteriores a la v6.0.472.59, permite a atacantes remotos provocar una denegación de servicio y posiblemente provocar otros daños a través de vectores de ataque que provocan el uso de las APIs document tal como document.close durante el parseo, como se ha demostrado por un fichero de hojas de estilo en cascada (CSS) referenciando un "font" SVG, también conocido como problema rdar 8442098. • http://code.google.com/p/chromium/issues/detail?id=50250 http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://www& • CWE-416: Use After Free •