CVE-2010-1824

Vulnerability from cvelistv5

Published

2010-09-24 18:00

Modified

2024-08-07 01:35

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://code.google.com/p/chromium/issues/detail?id=50712	Exploit, Vendor Advisory
product-security@apple.com	http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html	Vendor Advisory
product-security@apple.com	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	Mailing List, Third Party Advisory
product-security@apple.com	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	Mailing List, Third Party Advisory
product-security@apple.com	http://secunia.com/advisories/43068	Third Party Advisory
product-security@apple.com	http://support.apple.com/kb/HT4554	Third Party Advisory
product-security@apple.com	http://support.apple.com/kb/HT4566	Broken Link
product-security@apple.com	http://www.vupen.com/english/advisories/2011/0212	Third Party Advisory
product-security@apple.com	http://www.zerodayinitiative.com/advisories/ZDI-11-095	Third Party Advisory, VDB Entry
product-security@apple.com	https://bugs.webkit.org/show_bug.cgi?id=43260	Permissions Required
product-security@apple.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7151	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://code.google.com/p/chromium/issues/detail?id=50712	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43068	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4554	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4566	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0212	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.zerodayinitiative.com/advisories/ZDI-11-095	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://bugs.webkit.org/show_bug.cgi?id=43260	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7151	Third Party Advisory

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:35:53.785Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=50712"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4566"
          },
          {
            "name": "oval:org.mitre.oval:def:7151",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7151"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.webkit.org/show_bug.cgi?id=43260"
          },
          {
            "name": "APPLE-SA-2011-03-02-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-095"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4554"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=50712"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4566"
        },
        {
          "name": "oval:org.mitre.oval:def:7151",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7151"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.webkit.org/show_bug.cgi?id=43260"
        },
        {
          "name": "APPLE-SA-2011-03-02-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-095"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4554"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2010-1824",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=50712",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=50712"
            },
            {
              "name": "http://support.apple.com/kb/HT4566",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4566"
            },
            {
              "name": "oval:org.mitre.oval:def:7151",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7151"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html"
            },
            {
              "name": "https://bugs.webkit.org/show_bug.cgi?id=43260",
              "refsource": "CONFIRM",
              "url": "https://bugs.webkit.org/show_bug.cgi?id=43260"
            },
            {
              "name": "APPLE-SA-2011-03-02-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-095",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-095"
            },
            {
              "name": "http://support.apple.com/kb/HT4554",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4554"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2010-1824",
    "datePublished": "2010-09-24T18:00:00",
    "dateReserved": "2010-05-06T00:00:00",
    "dateUpdated": "2024-08-07T01:35:53.785Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-1824\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2010-09-24T19:00:04.387\",\"lastModified\":\"2024-11-21T01:15:16.360\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de usar despu\u00e9s de liberar en WebKit, como se utiliza en Google Chrome en versiones anteriores a la v6.0.472.59, permiten a atacantes remotos provocar una denegaci\u00f3n de servicio y posiblemente provocar otros da\u00f1os a trav\u00e9s de vectores de ataque relacionados con estilos SVG.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.472.59\",\"matchCriteriaId\":\"083D2BC1-C013-4B03-B295-F8131B5AB162\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2\",\"matchCriteriaId\":\"BE850901-4B2A-4C98-836A-40683CB02FB4\"}]}]}],\"references\":[{\"url\":\"http://code.google.com/p/chromium/issues/detail?id=50712\",\"source\":\"product-security@apple.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/43068\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4554\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4566\",\"source\":\"product-security@apple.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0212\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-11-095\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugs.webkit.org/show_bug.cgi?id=43260\",\"source\":\"product-security@apple.com\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7151\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://code.google.com/p/chromium/issues/detail?id=50712\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/43068\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4554\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4566\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0212\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-11-095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugs.webkit.org/show_bug.cgi?id=43260\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7151\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

ghsa-j66m-f2pj-cwr3

Vulnerability from github

Published

2022-05-13 01:24

Modified

2022-05-13 01:24

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-1824"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-09-24T19:00:00Z",
    "severity": "HIGH"
  },
  "details": "Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages.",
  "id": "GHSA-j66m-f2pj-cwr3",
  "modified": "2022-05-13T01:24:49Z",
  "published": "2022-05-13T01:24:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1824"
    },
    {
      "type": "WEB",
      "url": "https://bugs.webkit.org/show_bug.cgi?id=43260"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7151"
    },
    {
      "type": "WEB",
      "url": "http://code.google.com/p/chromium/issues/detail?id=50712"
    },
    {
      "type": "WEB",
      "url": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4554"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4566"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    },
    {
      "type": "WEB",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-095"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages. Google Chrome Used in Webkit Is SVG style Service operation is interrupted due to incomplete processing (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the methodology the application takes to inform a user about an error while parsing a malformed document. When displaying the error message, the application will append the message to the current instance of the DOM tree causing another element to be removed which will lead to the styles being recalculated. When the styles are recalculated the application will access the initially freed element which can lead to code execution under the context of the application. WebKit is prone to multiple memory-corruption vulnerabilities. An attacker may exploit these issues by enticing victims into viewing a malicious webpage. This BID is being retired. The following individual records exists to better document the issues: 46684 WebKit CVE-2011-0111 Unspecified Memory Corruption Vulnerability 46686 WebKit CVE-2011-0117 Unspecified Memory Corruption Vulnerability 46687 WebKit CVE-2011-0118 Unspecified Memory Corruption Vulnerability 46688 WebKit CVE-2011-0119 Unspecified Memory Corruption Vulnerability 46689 WebKit CVE-2011-0141 Unspecified Memory Corruption Vulnerability 46690 WebKit CVE-2011-0136 Unspecified Memory Corruption Vulnerability 46691 WebKit CVE-2011-0114 Unspecified Memory Corruption Vulnerability 46692 WebKit CVE-2011-0128 Unspecified Memory Corruption Vulnerability 46693 WebKit CVE-2011-0129 Unspecified Memory Corruption Vulnerability 46694 WebKit CVE-2011-0120 Unspecified Memory Corruption Vulnerability 46695 WebKit CVE-2011-0143 Unspecified Memory Corruption Vulnerability 46696 WebKit CVE-2011-0121 Unspecified Memory Corruption Vulnerability 46698 WebKit CVE-2011-0123 Unspecified Memory Corruption Vulnerability 46699 WebKit CVE-2011-0144 Unspecified Memory Corruption Vulnerability 46700 WebKit CVE-2011-0130 Unspecified Memory Corruption Vulnerability 46701 WebKit CVE-2011-0125 Unspecified Memory Corruption Vulnerability 46702 WebKit CVE-2011-0147 Unspecified Memory Corruption Vulnerability 46703 WebKit CVE-2011-0164 Unspecified Memory Corruption Vulnerability 46704 WebKit CVE-2011-0131 Unspecified Memory Corruption Vulnerability 46705 WebKit CVE-2011-0127 Unspecified Memory Corruption Vulnerability 46706 WebKit CVE-2011-0142 Unspecified Memory Corruption Vulnerability 46707 WebKit CVE-2011-0137 Unspecified Memory Corruption Vulnerability 46708 WebKit CVE-2011-0148 Unspecified Memory Corruption Vulnerability 46709 WebKit CVE-2011-0135 Unspecified Memory Corruption Vulnerability 46710 WebKit CVE-2011-0145 Unspecified Memory Corruption Vulnerability 46711 WebKit CVE-2011-0134 Unspecified Memory Corruption Vulnerability 46712 WebKit CVE-2011-0139 Unspecified Memory Corruption Vulnerability 46713 WebKit CVE-2011-0138 Unspecified Memory Corruption Vulnerability 46714 WebKit CVE-2011-0140 Unspecified Memory Corruption Vulnerability 46715 WebKit CVE-2011-0146 Unspecified Memory Corruption Vulnerability 46716 WebKit CVE-2011-0165 Unspecified Memory Corruption Vulnerability 46717 WebKit CVE-2011-0150 Unspecified Memory Corruption Vulnerability 46718 WebKit CVE-2011-0152 Unspecified Memory Corruption Vulnerability 46719 WebKit CVE-2011-0151 Unspecified Memory Corruption Vulnerability 46720 WebKit CVE-2011-0153 Unspecified Memory Corruption Vulnerability 46721 WebKit CVE-2011-0155 Unspecified Memory Corruption Vulnerability 46722 WebKit CVE-2011-0168 Unspecified Memory Corruption Vulnerability 46723 WebKit CVE-2011-0122 Unspecified Memory Corruption Vulnerability 46724 WebKit CVE-2011-0156 Unspecified Memory Corruption Vulnerability 46725 WebKit CVE-2011-0124 Unspecified Memory Corruption Vulnerability 46726 WebKit CVE-2011-0112 Unspecified Memory Corruption Vulnerability 46727 WebKit CVE-2011-0126 Unspecified Memory Corruption Vulnerability 46728 WebKit CVE-2011-0113 Unspecified Memory Corruption Vulnerability 46744 WebKit CVE-2011-0149 'HTMLBRElement' Style Memory Corruption Vulnerability 46745 WebKit CVE-2011-0154 Javascript 'sort()' Method Memory Corruption Vulnerability 46746 WebKit Range Object Remote Code Execution Vulnerability 46747 WebKit CVE-2011-0116 'setOuterText()' Method Memory Corruption Remote Code Execution Vulnerability 46748 WebKit 'Runin' Box CVE-2011-0132 Use-After-Free Memory Corruption Vulnerability 46749 WebKit CVE-2011-0133 Glyph Data Memory Corruption Vulnerability. NOTE: This issue was previously discussed in BID 43228 (Google Chrome prior to 6.0.472.59 Multiple Security Vulnerabilities) but has been given its own record to better document it. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. ----------------------------------------------------------------------

Get a tax break on purchases of Secunia Solutions!

If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/

TITLE: Apple iTunes Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA43582

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43582/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43582

RELEASE DATE: 2011-03-03

DISCUSS ADVISORY: http://secunia.com/advisories/43582/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/43582/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=43582

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Multiple vulnerabilities have been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system.

1) Some errors exists due to the use of a vulnerable libpng library.

For more information: SA40302

2) An array indexing error in the CoreGraphics library (ImageIO) when processing the International Color Consortium (ICC) profile within a JPEG image can be exploited to corrupt heap-based memory.

3) An error in the libTIFF library when handling JPEG encoded TIFF images can be exploited to cause a buffer overflow.

4) A boundary error in the libTIFF library when handling CCITT Group 4 encoded TIFF images.

For more information: SA43593

5) A double free error in the libxml library when handling XPath expressions.

For more information: SA42721

6) An error exists in the libxml library when traversing the XPath.

9) An error in the WebKit component when handling a DOM level 2 range object can be exploited to corrupt memory by manipulating the DOM via an event listener.

10) A use-after-free error in the "setOuterText()" method in the htmlelement library (WebKit) when tracking DOM manipulations can be exploited to dereference freed memory.

11) A use-after-free error in the WebKit component when promoting a run-in element can be exploited to dereference freed memory.

12) An error in the WebKit component when performing layout operations for a floating block of a pseudo-element can be exploited to dereference uninitialised glyph data.

13) An error in the WebKit component when parsing a Root HTMLBRElement element can be exploited to call an unmapped dangling pointer.

14) An error in the Javascript array "sort()" method (WebKit) can be exploited to manipulate elements outside of the array's boundary.

SOLUTION: Update to version 10.2.

Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

PROVIDED AND/OR DISCOVERED BY: 2) Andrzej Dyjak via iDefense VCP 3, 4) Reported by the vendor 8, 11 - 13) wushi of team509 via ZDI 9) J23 via ZDI 10, 14) An anonymous person via ZDI 11) Jose A. Vazquez via ZDI

The vendor also credits: 5) Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences 6) Bui Quang Minh, Bkis 8) kuzcc 9) Emil A Eklund, Google Inc 13) SkyLined, Google Chrome Security Team

The vendor provides a bundled list of credits for vulnerabilities in

7:

Sergey Glazunov Andreas Kling, Nokia Yuzo Fujishima, Google Inc. Abhishek Arya (Inferno), Google, Inc. Mihai Parparita, Google, Inc. Emil A Eklund, Google, Inc. Michal Zalewski, Google, Inc. Chris Evans, Google Chrome Security Team SkyLined, Google Chrome Security Team Chris Rohlf, Matasano Security Aki Helin, OUSPG Dirk Schulze Slawomir Blazek David Bloom Famlam Jan Tosovsky Michael Gundlach

ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4554

iDefense VCP: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=897

ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-095/ http://www.zerodayinitiative.com/advisories/ZDI-11-096/ http://www.zerodayinitiative.com/advisories/ZDI-11-097/ http://www.zerodayinitiative.com/advisories/ZDI-11-098/ http://www.zerodayinitiative.com/advisories/ZDI-11-099/ http://www.zerodayinitiative.com/advisories/ZDI-11-100/ http://www.zerodayinitiative.com/advisories/ZDI-11-101/

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. ----------------------------------------------------------------------

Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM).

For more information: SA32349 SA33495 SA35095 SA35379 SA35411 SA35449 SA35758 SA36269 SA36677 SA37273 SA37346 SA37769 SA38061 SA38545 SA38932 SA39029 SA39091 SA39384 SA39661 SA39937 SA40002 SA40072 SA40105 SA40112 SA40148 SA40196 SA40257 SA40664 SA40783 SA41014 SA41085 SA41242 SA41328 SA41390 SA41443 SA41535 SA41841 SA41888 SA41968 SA42151 SA42264 SA42290 SA42312 SA42443 SA42461 SA42658 SA42769 SA42886 SA42956 SA43053

SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server.

-- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT4554

-- Disclosure Timeline: 2010-10-18 - Vulnerability reported to vendor 2011-03-02 - Coordinated public release of advisory

-- Credit: This vulnerability was discovered by: * wushi of team509

-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:

http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.

Our vulnerability disclosure policy is available online at:

http://www.zerodayinitiative.com/advisories/disclosure_policy/

Follow the ZDI on Twitter:

http://twitter.com/thezdi

Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ========================================================================== Ubuntu Security Notice USN-1195-1 August 23, 2011

webkit vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 10.10
Ubuntu 10.04 LTS

Summary:

Multiple security vulnerabilities were fixed in WebKit.

Software Description: - webkit: Web content engine library for GTK+

Details:

A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 10.10: libwebkit-1.0-2 1.2.7-0ubuntu0.10.10.1

Ubuntu 10.04 LTS: libwebkit-1.0-2 1.2.7-0ubuntu0.10.04.1

After a standard system update you need to restart any applications that use WebKit, such as Epiphany and Midori, to make all the necessary changes.

References: http://www.ubuntu.com/usn/usn-1195-1 CVE-2010-1824, CVE-2010-2646, CVE-2010-2651, CVE-2010-2900, CVE-2010-2901, CVE-2010-3120, CVE-2010-3254, CVE-2010-3812, CVE-2010-3813, CVE-2010-4040, CVE-2010-4042, CVE-2010-4197, CVE-2010-4198, CVE-2010-4199, CVE-2010-4204, CVE-2010-4206, CVE-2010-4492, CVE-2010-4493, CVE-2010-4577, CVE-2010-4578, CVE-2011-0482, CVE-2011-0778

Package Information: https://launchpad.net/ubuntu/+source/webkit/1.2.7-0ubuntu0.10.10.1 https://launchpad.net/ubuntu/+source/webkit/1.2.7-0ubuntu0.10.04.1

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201009-0260",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "chrome",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "google",
        "version": "6.0.472.59"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "apple",
        "version": "10"
      },
      {
        "model": "itunes",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.2"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "server v10.5.8"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.8"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "3.0 to  4.2.1 (iphone 3g after )"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "3.1 to  4.2/1 (ipod touch (3rd generation) after )"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "3.2 to  4.2.1 (ipad for )"
      },
      {
        "model": "ipad",
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "ipod touch",
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "webkit",
        "scope": null,
        "trust": 0.7,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "webkit",
        "version": "1.2.5"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "webkit",
        "version": "1.2.3"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "webkit",
        "version": "1.2.2"
      },
      {
        "model": "open source project webkit r77705",
        "scope": null,
        "trust": 0.6,
        "vendor": "webkit",
        "version": null
      },
      {
        "model": "open source project webkit r52833",
        "scope": null,
        "trust": 0.6,
        "vendor": "webkit",
        "version": null
      },
      {
        "model": "open source project webkit r52401",
        "scope": null,
        "trust": 0.6,
        "vendor": "webkit",
        "version": null
      },
      {
        "model": "open source project webkit r51295",
        "scope": null,
        "trust": 0.6,
        "vendor": "webkit",
        "version": null
      },
      {
        "model": "open source project webkit r38566",
        "scope": null,
        "trust": 0.6,
        "vendor": "webkit",
        "version": null
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "webkit",
        "version": "1.2.x"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "webkit",
        "version": "1.2.2-1"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "webkit",
        "version": "0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.2.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.0.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.0.1.8"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.1"
      },
      {
        "model": "itunes",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.2"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "6.0.404.1"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "6.0.405.0"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "6.0.403.0"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "6.0.401.0"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "6.0.399.0"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "6.0.406.0"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "6.0.400.0"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "6.0.404.0"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "6.0.404.2"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "6.0.401.1"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.10"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.10"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.10"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.10"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "6.0.47255"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "5.0.375.55"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "4.1.2491064"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "4.1.2491059"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "4.1.2491036"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "4.1.249.1045"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "4.1.249.1042"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "4.0.249.89"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "4.0.249.78"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "6.0.472.53"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "4.1.249.1044"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.2"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.5"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.4"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.3"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.3"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "safari beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "safari beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "mobile safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "ios beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "chrome",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "google",
        "version": "6.0.472.59"
      },
      {
        "model": "safari for windows",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.4"
      },
      {
        "model": "safari",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.4"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-11-095"
      },
      {
        "db": "BID",
        "id": "46654"
      },
      {
        "db": "BID",
        "id": "46677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002837"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201009-254"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1824"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:google:chrome",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:iphone_os",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:apple:ipad",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:apple:ipod_touch",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:apple:itunes",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002837"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "wushi of team509",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-11-095"
      },
      {
        "db": "BID",
        "id": "46677"
      }
    ],
    "trust": 1.0
  },
  "cve": "CVE-2010-1824",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2010-1824",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2010-1824",
            "impactScore": 9.5,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:P/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-44429",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2010-1824",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2010-1824",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2010-1824",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201009-254",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-44429",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-11-095"
      },
      {
        "db": "VULHUB",
        "id": "VHN-44429"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002837"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201009-254"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1824"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages. Google Chrome Used in Webkit Is SVG style Service operation is interrupted due to incomplete processing (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the methodology the application takes to inform a user about an error while parsing a malformed document. When displaying the error message, the application will append the message to the current instance of the DOM tree causing another element to be removed which will lead to the styles being recalculated. When the styles are recalculated the application will access the initially freed element which can lead to code execution under the context of the application. WebKit is prone to multiple memory-corruption vulnerabilities. \nAn attacker may exploit these issues by enticing victims into viewing a malicious webpage. \nThis BID is being retired. The following individual records exists to better document the issues:\n46684 WebKit CVE-2011-0111 Unspecified Memory Corruption Vulnerability\n46686 WebKit CVE-2011-0117 Unspecified Memory Corruption Vulnerability\n46687 WebKit CVE-2011-0118 Unspecified Memory Corruption Vulnerability\n46688 WebKit CVE-2011-0119 Unspecified Memory Corruption Vulnerability\n46689 WebKit CVE-2011-0141 Unspecified Memory Corruption Vulnerability\n46690 WebKit CVE-2011-0136 Unspecified Memory Corruption Vulnerability\n46691 WebKit CVE-2011-0114 Unspecified Memory Corruption Vulnerability\n46692 WebKit CVE-2011-0128 Unspecified Memory Corruption Vulnerability\n46693 WebKit CVE-2011-0129 Unspecified Memory Corruption Vulnerability\n46694 WebKit CVE-2011-0120 Unspecified Memory Corruption Vulnerability\n46695 WebKit CVE-2011-0143 Unspecified Memory Corruption Vulnerability\n46696 WebKit CVE-2011-0121 Unspecified Memory Corruption Vulnerability\n46698 WebKit CVE-2011-0123 Unspecified Memory Corruption Vulnerability\n46699 WebKit CVE-2011-0144 Unspecified Memory Corruption Vulnerability\n46700 WebKit CVE-2011-0130 Unspecified Memory Corruption Vulnerability\n46701 WebKit CVE-2011-0125 Unspecified Memory Corruption Vulnerability\n46702 WebKit CVE-2011-0147 Unspecified Memory Corruption Vulnerability\n46703 WebKit CVE-2011-0164 Unspecified Memory Corruption Vulnerability\n46704 WebKit CVE-2011-0131 Unspecified Memory Corruption Vulnerability\n46705 WebKit CVE-2011-0127 Unspecified Memory Corruption Vulnerability\n46706 WebKit CVE-2011-0142 Unspecified Memory Corruption Vulnerability\n46707 WebKit CVE-2011-0137 Unspecified Memory Corruption Vulnerability\n46708 WebKit CVE-2011-0148 Unspecified Memory Corruption Vulnerability\n46709 WebKit CVE-2011-0135 Unspecified Memory Corruption Vulnerability\n46710 WebKit CVE-2011-0145 Unspecified Memory Corruption Vulnerability\n46711 WebKit CVE-2011-0134 Unspecified Memory Corruption Vulnerability\n46712 WebKit CVE-2011-0139 Unspecified Memory Corruption Vulnerability\n46713 WebKit CVE-2011-0138 Unspecified Memory Corruption Vulnerability\n46714 WebKit CVE-2011-0140 Unspecified Memory Corruption Vulnerability\n46715 WebKit CVE-2011-0146 Unspecified Memory Corruption Vulnerability\n46716 WebKit CVE-2011-0165 Unspecified Memory Corruption Vulnerability\n46717 WebKit CVE-2011-0150 Unspecified Memory Corruption Vulnerability\n46718 WebKit CVE-2011-0152 Unspecified Memory Corruption Vulnerability\n46719 WebKit CVE-2011-0151 Unspecified Memory Corruption Vulnerability\n46720 WebKit CVE-2011-0153 Unspecified Memory Corruption Vulnerability\n46721 WebKit CVE-2011-0155 Unspecified Memory Corruption Vulnerability\n46722 WebKit CVE-2011-0168 Unspecified Memory Corruption Vulnerability\n46723 WebKit CVE-2011-0122 Unspecified Memory Corruption Vulnerability\n46724 WebKit CVE-2011-0156 Unspecified Memory Corruption Vulnerability\n46725 WebKit CVE-2011-0124 Unspecified Memory Corruption Vulnerability\n46726 WebKit CVE-2011-0112 Unspecified Memory Corruption Vulnerability\n46727 WebKit CVE-2011-0126 Unspecified Memory Corruption Vulnerability\n46728 WebKit CVE-2011-0113 Unspecified Memory Corruption Vulnerability\n46744 WebKit CVE-2011-0149 \u0027HTMLBRElement\u0027 Style Memory Corruption Vulnerability\n46745 WebKit CVE-2011-0154 Javascript \u0027sort()\u0027 Method Memory Corruption Vulnerability\n46746 WebKit Range Object Remote Code Execution Vulnerability\n46747 WebKit CVE-2011-0116 \u0027setOuterText()\u0027 Method Memory Corruption Remote Code Execution Vulnerability\n46748 WebKit \u0027Runin\u0027 Box CVE-2011-0132 Use-After-Free Memory Corruption Vulnerability\n46749 WebKit CVE-2011-0133 Glyph Data Memory Corruption Vulnerability. \nNOTE: This issue was previously discussed in BID 43228 (Google Chrome prior to 6.0.472.59 Multiple Security Vulnerabilities) but has been given its own record to better document it. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nApple iTunes Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43582\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43582/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43582\n\nRELEASE DATE:\n2011-03-03\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43582/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43582/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43582\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Apple iTunes, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\n1) Some errors exists due to the use of a vulnerable libpng library. \n\nFor more information:\nSA40302\n\n2) An array indexing error in the CoreGraphics library (ImageIO) when\nprocessing the International Color Consortium (ICC) profile within a\nJPEG image can be exploited to corrupt heap-based memory. \n\n3) An error in the libTIFF library when handling JPEG encoded TIFF\nimages can be exploited to cause a buffer overflow. \n\n4) A boundary error in the libTIFF library when handling CCITT Group\n4 encoded TIFF images. \n\nFor more information:\nSA43593\n\n5) A double free error in the libxml library when handling XPath\nexpressions. \n\nFor more information:\nSA42721\n\n6) An error exists in the libxml library when traversing the XPath. \n\n9) An error in the WebKit component when handling a DOM level 2 range\nobject can be exploited to corrupt memory by manipulating the DOM via\nan event listener. \n\n10) A use-after-free error in the \"setOuterText()\" method in the\nhtmlelement library (WebKit) when tracking DOM manipulations can be\nexploited to dereference freed memory. \n\n11) A use-after-free error in the WebKit component when promoting a\nrun-in element can be exploited to dereference freed memory. \n\n12) An error in the WebKit component when performing layout\noperations for a floating block of a pseudo-element can be exploited\nto dereference uninitialised glyph data. \n\n13) An error in the WebKit component when parsing a Root\nHTMLBRElement element can be exploited to call an unmapped dangling\npointer. \n\n14) An error in the Javascript array \"sort()\" method (WebKit) can be\nexploited to manipulate elements outside of the array\u0027s boundary. \n\nSOLUTION:\nUpdate to version 10.2. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Andrzej Dyjak via iDefense VCP\n3, 4) Reported by the vendor\n8, 11 - 13) wushi of team509 via ZDI\n9) J23 via ZDI\n10, 14) An anonymous person via ZDI\n11) Jose A. Vazquez via ZDI\n\nThe vendor also credits:\n5) Yang Dingning of NCNIPC, Graduate University of Chinese Academy of\nSciences\n6) Bui Quang Minh, Bkis\n8) kuzcc\n9) Emil A Eklund, Google Inc\n13) SkyLined, Google Chrome Security Team\n\nThe vendor provides a bundled list of credits for vulnerabilities in\n#7:\nSergey Glazunov\nAndreas Kling, Nokia\nYuzo Fujishima, Google Inc. \nAbhishek Arya (Inferno), Google, Inc. \nMihai Parparita, Google, Inc. \nEmil A Eklund, Google, Inc. \nMichal Zalewski, Google, Inc. \nChris Evans, Google Chrome Security Team\nSkyLined, Google Chrome Security Team\nChris Rohlf, Matasano Security\nAki Helin, OUSPG\nDirk Schulze\nSlawomir Blazek\nDavid Bloom\nFamlam\nJan Tosovsky\nMichael Gundlach\n\nORIGINAL ADVISORY:\nApple:\nhttp://support.apple.com/kb/HT4554\n\niDefense VCP:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=897\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-095/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-096/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-097/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-098/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-099/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-100/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-101/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). \n\nFor more information:\nSA32349\nSA33495\nSA35095\nSA35379\nSA35411\nSA35449\nSA35758\nSA36269\nSA36677\nSA37273\nSA37346\nSA37769\nSA38061\nSA38545\nSA38932\nSA39029\nSA39091\nSA39384\nSA39661\nSA39937\nSA40002\nSA40072\nSA40105\nSA40112\nSA40148\nSA40196\nSA40257\nSA40664\nSA40783\nSA41014\nSA41085\nSA41242\nSA41328\nSA41390\nSA41443\nSA41535\nSA41841\nSA41888\nSA41968\nSA42151\nSA42264\nSA42290\nSA42312\nSA42443\nSA42461\nSA42658\nSA42769\nSA42886\nSA42956\nSA43053\n\nSOLUTION:\nApply updated packages via YaST Online Update or the SUSE FTP server. \n\n-- Vendor Response:\nApple has issued an update to correct this vulnerability. More\ndetails can be found at:\nhttp://support.apple.com/kb/HT4554\n\n-- Disclosure Timeline:\n2010-10-18 - Vulnerability reported to vendor\n2011-03-02 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n    * wushi of team509\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n    http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n    http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n    http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ==========================================================================\nUbuntu Security Notice USN-1195-1\nAugust 23, 2011\n\nwebkit vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 10.10\n- Ubuntu 10.04 LTS\n\nSummary:\n\nMultiple security vulnerabilities were fixed in WebKit. \n\nSoftware Description:\n- webkit: Web content engine library for GTK+\n\nDetails:\n\nA large number of security issues were discovered in the WebKit browser and\nJavaScript engines. If a user were tricked into viewing a malicious\nwebsite, a remote attacker could exploit a variety of issues related to web\nbrowser security, including cross-site scripting attacks, denial of\nservice attacks, and arbitrary code execution. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 10.10:\n  libwebkit-1.0-2                 1.2.7-0ubuntu0.10.10.1\n\nUbuntu 10.04 LTS:\n  libwebkit-1.0-2                 1.2.7-0ubuntu0.10.04.1\n\nAfter a standard system update you need to restart any applications that\nuse WebKit, such as Epiphany and Midori, to make all the necessary changes. \n\nReferences:\n  http://www.ubuntu.com/usn/usn-1195-1\n  CVE-2010-1824, CVE-2010-2646, CVE-2010-2651, CVE-2010-2900,\n  CVE-2010-2901, CVE-2010-3120, CVE-2010-3254, CVE-2010-3812,\n  CVE-2010-3813, CVE-2010-4040, CVE-2010-4042, CVE-2010-4197,\n  CVE-2010-4198, CVE-2010-4199, CVE-2010-4204, CVE-2010-4206,\n  CVE-2010-4492, CVE-2010-4493, CVE-2010-4577, CVE-2010-4578,\n  CVE-2011-0482, CVE-2011-0778\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/webkit/1.2.7-0ubuntu0.10.10.1\n  https://launchpad.net/ubuntu/+source/webkit/1.2.7-0ubuntu0.10.04.1\n\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-1824"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002837"
      },
      {
        "db": "ZDI",
        "id": "ZDI-11-095"
      },
      {
        "db": "BID",
        "id": "46654"
      },
      {
        "db": "BID",
        "id": "46677"
      },
      {
        "db": "VULHUB",
        "id": "VHN-44429"
      },
      {
        "db": "PACKETSTORM",
        "id": "98876"
      },
      {
        "db": "PACKETSTORM",
        "id": "97846"
      },
      {
        "db": "PACKETSTORM",
        "id": "98855"
      },
      {
        "db": "PACKETSTORM",
        "id": "104366"
      }
    ],
    "trust": 3.24
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-44429",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-44429"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-1824",
        "trust": 3.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-11-095",
        "trust": 2.9
      },
      {
        "db": "SECUNIA",
        "id": "43068",
        "trust": 1.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0212",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002837",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-982",
        "trust": 0.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201009-254",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "46677",
        "trust": 0.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-11-098",
        "trust": 0.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-11-097",
        "trust": 0.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-11-101",
        "trust": 0.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-11-096",
        "trust": 0.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-11-099",
        "trust": 0.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-11-100",
        "trust": 0.4
      },
      {
        "db": "BID",
        "id": "46654",
        "trust": 0.3
      },
      {
        "db": "PACKETSTORM",
        "id": "104366",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "98855",
        "trust": 0.2
      },
      {
        "db": "SECUNIA",
        "id": "43582",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-44429",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "98876",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "97846",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-11-095"
      },
      {
        "db": "VULHUB",
        "id": "VHN-44429"
      },
      {
        "db": "BID",
        "id": "46654"
      },
      {
        "db": "BID",
        "id": "46677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002837"
      },
      {
        "db": "PACKETSTORM",
        "id": "98876"
      },
      {
        "db": "PACKETSTORM",
        "id": "97846"
      },
      {
        "db": "PACKETSTORM",
        "id": "98855"
      },
      {
        "db": "PACKETSTORM",
        "id": "104366"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201009-254"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1824"
      }
    ]
  },
  "id": "VAR-201009-0260",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-44429"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T20:11:51.419000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT4554",
        "trust": 1.5,
        "url": "http://support.apple.com/kb/HT4554"
      },
      {
        "title": "HT4564",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4564"
      },
      {
        "title": "HT4566",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4566"
      },
      {
        "title": "HT4554",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4554?viewlocale=ja_JP"
      },
      {
        "title": "HT4564",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4564?viewlocale=ja_JP"
      },
      {
        "title": "HT4566",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4566?viewlocale=ja_JP"
      },
      {
        "title": "Google Chrome",
        "trust": 0.8,
        "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
      },
      {
        "title": "stable-beta-channel-updates_14",
        "trust": 0.8,
        "url": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-11-095"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002837"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-416",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-399",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-44429"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002837"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1824"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "http://support.apple.com/kb/ht4554"
      },
      {
        "trust": 2.0,
        "url": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-11-095"
      },
      {
        "trust": 1.8,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00000.html"
      },
      {
        "trust": 1.7,
        "url": "http://code.google.com/p/chromium/issues/detail?id=50712"
      },
      {
        "trust": 1.7,
        "url": "http://support.apple.com/kb/ht4566"
      },
      {
        "trust": 1.7,
        "url": "https://bugs.webkit.org/show_bug.cgi?id=43260"
      },
      {
        "trust": 1.7,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7151"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/43068"
      },
      {
        "trust": 1.7,
        "url": "http://www.vupen.com/english/advisories/2011/0212"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1824"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1824"
      },
      {
        "trust": 0.6,
        "url": "http://www.apple.com/itunes/"
      },
      {
        "trust": 0.6,
        "url": "http://www.webkit.org/"
      },
      {
        "trust": 0.4,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-11-096/"
      },
      {
        "trust": 0.4,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-11-097/"
      },
      {
        "trust": 0.4,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-11-098/"
      },
      {
        "trust": 0.4,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-11-099/"
      },
      {
        "trust": 0.4,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-11-100/"
      },
      {
        "trust": 0.4,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-11-101/"
      },
      {
        "trust": 0.4,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-11-095/"
      },
      {
        "trust": 0.3,
        "url": "http://www.google.com/chrome"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/products/corporate/evm/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1824"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=897"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/43582/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43582"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/vim/section_179/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/43582/#comments"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43068"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/vim/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/43068/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/43068/"
      },
      {
        "trust": 0.1,
        "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://twitter.com/thezdi"
      },
      {
        "trust": 0.1,
        "url": "http://www.tippingpoint.com"
      },
      {
        "trust": 0.1,
        "url": "http://www.zerodayinitiative.com"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3812"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4492"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0778"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4042"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2651"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4577"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4197"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/webkit/1.2.7-0ubuntu0.10.10.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/webkit/1.2.7-0ubuntu0.10.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3254"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3813"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2900"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4204"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4199"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4198"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4493"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2646"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4206"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0482"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2901"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4040"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3120"
      },
      {
        "trust": 0.1,
        "url": "http://www.ubuntu.com/usn/usn-1195-1"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4578"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-11-095"
      },
      {
        "db": "VULHUB",
        "id": "VHN-44429"
      },
      {
        "db": "BID",
        "id": "46654"
      },
      {
        "db": "BID",
        "id": "46677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002837"
      },
      {
        "db": "PACKETSTORM",
        "id": "98876"
      },
      {
        "db": "PACKETSTORM",
        "id": "97846"
      },
      {
        "db": "PACKETSTORM",
        "id": "98855"
      },
      {
        "db": "PACKETSTORM",
        "id": "104366"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201009-254"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1824"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-11-095"
      },
      {
        "db": "VULHUB",
        "id": "VHN-44429"
      },
      {
        "db": "BID",
        "id": "46654"
      },
      {
        "db": "BID",
        "id": "46677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002837"
      },
      {
        "db": "PACKETSTORM",
        "id": "98876"
      },
      {
        "db": "PACKETSTORM",
        "id": "97846"
      },
      {
        "db": "PACKETSTORM",
        "id": "98855"
      },
      {
        "db": "PACKETSTORM",
        "id": "104366"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201009-254"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1824"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-03-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-11-095"
      },
      {
        "date": "2010-09-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-44429"
      },
      {
        "date": "2011-03-02T00:00:00",
        "db": "BID",
        "id": "46654"
      },
      {
        "date": "2010-09-14T00:00:00",
        "db": "BID",
        "id": "46677"
      },
      {
        "date": "2011-06-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-002837"
      },
      {
        "date": "2011-03-03T03:30:18",
        "db": "PACKETSTORM",
        "id": "98876"
      },
      {
        "date": "2011-01-25T03:59:20",
        "db": "PACKETSTORM",
        "id": "97846"
      },
      {
        "date": "2011-03-03T15:46:08",
        "db": "PACKETSTORM",
        "id": "98855"
      },
      {
        "date": "2011-08-23T14:33:53",
        "db": "PACKETSTORM",
        "id": "104366"
      },
      {
        "date": "2010-09-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201009-254"
      },
      {
        "date": "2010-09-24T19:00:04.387000",
        "db": "NVD",
        "id": "CVE-2010-1824"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-03-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-11-095"
      },
      {
        "date": "2020-07-31T00:00:00",
        "db": "VULHUB",
        "id": "VHN-44429"
      },
      {
        "date": "2011-03-07T17:27:00",
        "db": "BID",
        "id": "46654"
      },
      {
        "date": "2015-03-19T09:40:00",
        "db": "BID",
        "id": "46677"
      },
      {
        "date": "2011-06-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-002837"
      },
      {
        "date": "2020-08-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201009-254"
      },
      {
        "date": "2024-11-21T01:15:16.360000",
        "db": "NVD",
        "id": "CVE-2010-1824"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "98855"
      },
      {
        "db": "PACKETSTORM",
        "id": "104366"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201009-254"
      }
    ],
    "trust": 0.8
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Google Chrome Used in  Webkit Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002837"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201009-254"
      }
    ],
    "trust": 0.6
  }
}

gsd-2010-1824

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2010-1824

Aliases

CVE-2010-1824

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-1824",
    "description": "Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages.",
    "id": "GSD-2010-1824",
    "references": [
      "https://www.suse.com/security/cve/CVE-2010-1824.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-1824"
      ],
      "details": "Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages.",
      "id": "GSD-2010-1824",
      "modified": "2023-12-13T01:21:32.457996Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2010-1824",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "43068",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "ADV-2011-0212",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "http://code.google.com/p/chromium/issues/detail?id=50712",
            "refsource": "CONFIRM",
            "url": "http://code.google.com/p/chromium/issues/detail?id=50712"
          },
          {
            "name": "http://support.apple.com/kb/HT4566",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4566"
          },
          {
            "name": "oval:org.mitre.oval:def:7151",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7151"
          },
          {
            "name": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html",
            "refsource": "CONFIRM",
            "url": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html"
          },
          {
            "name": "https://bugs.webkit.org/show_bug.cgi?id=43260",
            "refsource": "CONFIRM",
            "url": "https://bugs.webkit.org/show_bug.cgi?id=43260"
          },
          {
            "name": "APPLE-SA-2011-03-02-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
          },
          {
            "name": "SUSE-SR:2011:002",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-095",
            "refsource": "MISC",
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-095"
          },
          {
            "name": "http://support.apple.com/kb/HT4554",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4554"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.0.472.59",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2010-1824"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html"
            },
            {
              "name": "https://bugs.webkit.org/show_bug.cgi?id=43260",
              "refsource": "CONFIRM",
              "tags": [
                "Permissions Required"
              ],
              "url": "https://bugs.webkit.org/show_bug.cgi?id=43260"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=50712",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Vendor Advisory"
              ],
              "url": "http://code.google.com/p/chromium/issues/detail?id=50712"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-095",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-095"
            },
            {
              "name": "http://support.apple.com/kb/HT4554",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://support.apple.com/kb/HT4554"
            },
            {
              "name": "APPLE-SA-2011-03-02-1",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4566",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "http://support.apple.com/kb/HT4566"
            },
            {
              "name": "oval:org.mitre.oval:def:7151",
              "refsource": "OVAL",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7151"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2020-07-31T19:21Z",
      "publishedDate": "2010-09-24T19:00Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2010-1824

Vulnerability from cvelistv5

ghsa-j66m-f2pj-cwr3

Vulnerability from github

var-201009-0260

Vulnerability from variot

7:

webkit vulnerabilities

gsd-2010-1824

Vulnerability from gsd

Tags

Sightings

Nomenclature