ID CVE-2010-1750
Summary Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management.
References
Vulnerable Configurations
  • Apple Safari 4.0.3
    cpe:2.3:a:apple:safari:4.0.3
  • Apple Safari 4.0.2
    cpe:2.3:a:apple:safari:4.0.2
  • Apple Safari 4.0.1
    cpe:2.3:a:apple:safari:4.0.1
  • Apple Safari 4.0.0b
    cpe:2.3:a:apple:safari:4.0.0b
  • Apple Safari 4.0
    cpe:2.3:a:apple:safari:4.0
  • Apple Safari 4.0.4
    cpe:2.3:a:apple:safari:4.0.4
  • Apple Safari 4.0.5
    cpe:2.3:a:apple:safari:4.0.5
  • Microsoft Windows XP Service Pack 3
    cpe:2.3:o:microsoft:windows_xp:-:sp3
  • Microsoft Windows Vista
    cpe:2.3:o:microsoft:windows_vista
  • Microsoft Windows 7
    cpe:2.3:o:microsoft:windows_7
  • Microsoft Windows XP Service Pack 2
    cpe:2.3:o:microsoft:windows_xp:-:sp2
CVSS
Base: 9.3 (as of 14-06-2010 - 17:20)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
NASL family Windows
NASL id SAFARI_5_0.NASL
description The version of Safari installed on the remote Windows host is earlier than 5.0. As such, it is potentially affected by numerous issues in the following components : - ColorSync - Safari - WebKit
last seen 2019-02-21
modified 2018-07-30
plugin id 46838
published 2010-06-08
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=46838
title Safari < 5.0 Multiple Vulnerabilities
oval via4
accepted 2013-12-30T04:01:04.276-05:00
class vulnerability
contributors
  • name J. Daniel Brown
    organization DTCC
  • name Preeti Subramanian
    organization SecPod Technologies
  • name Shane Shaffer
    organization G2, Inc.
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
definition_extensions
comment Apple Safari is installed
oval oval:org.mitre.oval:def:6325
description Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management.
family windows
id oval:org.mitre.oval:def:7143
status accepted
submitted 2010-06-08T17:30:00.000-05:00
title Apple Safari Window Management Vulnerability
version 14
refmap via4
apple APPLE-SA-2010-06-07-1
bid 40620
confirm http://support.apple.com/kb/HT4196
sectrack 1024067
secunia 40105
vupen ADV-2010-1373
Last major update 21-08-2010 - 01:41
Published 11-06-2010 - 14:00
Last modified 18-09-2017 - 21:30
Back to Top