ID CVE-2010-1729
Summary WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.
References
Vulnerable Configurations
  • cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
    cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
    cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 17-02-2011 - 06:55)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
misc http://h.ackack.net/?p=258
secunia 43068
suse SUSE-SR:2011:002
vupen ADV-2011-0212
vulnerable_product via4
  • cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
Last major update 17-02-2011 - 06:55
Published 06-05-2010 - 14:53
Back to Top