CVE-2010-0050
Vulnerability from cvelistv5
Published
2010-03-12 21:00
Modified
2024-08-07 00:37
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:37:53.642Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "MDVSA-2011:039", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039", }, { name: "APPLE-SA-2010-03-11-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html", }, { name: "safari-nested-html-code-exec(56836)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/56836", }, { name: "ADV-2010-2722", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/2722", }, { name: "43068", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43068", }, { name: "USN-1006-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1006-1", }, { name: "1023708", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1023708", }, { name: "41856", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/41856", }, { name: "ADV-2011-0212", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0212", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT4225", }, { name: "FEDORA-2010-8360", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT4070", }, { name: "SUSE-SR:2011:002", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", }, { name: "ADV-2011-0552", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0552", }, { name: "oval:org.mitre.oval:def:7587", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7587", }, { name: "FEDORA-2010-8379", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html", }, { name: "APPLE-SA-2010-06-21-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html", }, { name: "38671", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/38671", }, { name: "FEDORA-2010-8423", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-03-11T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-18T12:57:01", orgId: "286789f9-fbc2-4510-9f9a-43facdede74c", shortName: "apple", }, references: [ { name: "MDVSA-2011:039", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039", }, { name: "APPLE-SA-2010-03-11-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html", }, { name: "safari-nested-html-code-exec(56836)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/56836", }, { name: "ADV-2010-2722", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/2722", }, { name: "43068", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43068", }, { name: "USN-1006-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1006-1", }, { name: "1023708", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1023708", }, { name: "41856", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/41856", }, { name: "ADV-2011-0212", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0212", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT4225", }, { name: "FEDORA-2010-8360", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT4070", }, { name: "SUSE-SR:2011:002", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", }, { name: "ADV-2011-0552", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0552", }, { name: "oval:org.mitre.oval:def:7587", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7587", }, { name: "FEDORA-2010-8379", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html", }, { name: "APPLE-SA-2010-06-21-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html", }, { name: "38671", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/38671", }, { name: "FEDORA-2010-8423", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "product-security@apple.com", ID: "CVE-2010-0050", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "MDVSA-2011:039", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039", }, { name: "APPLE-SA-2010-03-11-1", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html", }, { name: "safari-nested-html-code-exec(56836)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/56836", }, { name: "ADV-2010-2722", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/2722", }, { name: "43068", refsource: "SECUNIA", url: "http://secunia.com/advisories/43068", }, { name: "USN-1006-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-1006-1", }, { name: "1023708", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1023708", }, { name: "41856", refsource: "SECUNIA", url: "http://secunia.com/advisories/41856", }, { name: "ADV-2011-0212", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0212", }, { name: "http://support.apple.com/kb/HT4225", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT4225", }, { name: "FEDORA-2010-8360", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html", }, { name: "http://support.apple.com/kb/HT4070", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT4070", }, { name: "SUSE-SR:2011:002", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", }, { name: "ADV-2011-0552", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0552", }, { name: "oval:org.mitre.oval:def:7587", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7587", }, { name: "FEDORA-2010-8379", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html", }, { name: "APPLE-SA-2010-06-21-1", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html", }, { name: "38671", refsource: "BID", url: "http://www.securityfocus.com/bid/38671", }, { name: "FEDORA-2010-8423", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c", assignerShortName: "apple", cveId: "CVE-2010-0050", datePublished: "2010-03-12T21:00:00", dateReserved: "2009-12-15T00:00:00", dateUpdated: "2024-08-07T00:37:53.642Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2010-0050\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2010-03-15T14:15:32.073\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad uso después de la liberación (use-after-free) en Apple Safari anterior v4.0.5 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída de aplicación) a través de un documento HTML con etiquetas inadecuadamente anidadas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.0.5\",\"matchCriteriaId\":\"6059E56B-E032-4AFE-81DA-512C506FA539\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0\",\"versionEndExcluding\":\"4.0\",\"matchCriteriaId\":\"38364EB5-F557-4763-A555-9D66F51DE24B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3BB5EDB-520B-4DEF-B06E-65CA13152824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E44669D7-6C1E-4844-B78A-73E253A7CC17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2D59BD0-43DE-4E58-A057-640AB98359A6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2BCB73E-27BB-4878-AD9C-90C4F20C25A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"01EDA41C-6B2E-49AF-B503-EB3882265C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87614B58-24AB-49FB-9C84-E8DDBA16353B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5646FDE9-CF21-46A9-B89D-F5BBDB4249AF\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://secunia.com/advisories/41856\",\"source\":\"product-security@apple.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/43068\",\"source\":\"product-security@apple.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.apple.com/kb/HT4070\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4225\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:039\",\"source\":\"product-security@apple.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/38671\",\"source\":\"product-security@apple.com\",\"tags\":[\"Broken Link\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023708\",\"source\":\"product-security@apple.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1006-1\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/2722\",\"source\":\"product-security@apple.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0212\",\"source\":\"product-security@apple.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0552\",\"source\":\"product-security@apple.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56836\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7587\",\"source\":\"product-security@apple.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://secunia.com/advisories/41856\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/43068\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.apple.com/kb/HT4070\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4225\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:039\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/38671\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023708\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1006-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/2722\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0212\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0552\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56836\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7587\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}],\"evaluatorComment\":\"Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\\n\\n\\n'WebKit\\nCVE-ID: CVE-2010-0050\\nAvailable for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,\\nMac OS X v10.5.8, Mac OS X Server v10.5.8,\\nMac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later,\\nWindows 7, Vista, XP\\nImpact: Visiting a maliciously crafted website may lead to an\\nunexpected application termination or arbitrary code execution\\nDescription: A use-after-free issue exists in WebKit's handling of\\nincorrectly nested HTML tags. Visiting a maliciously crafted website\\nmay lead to an unexpected application termination or arbitrary code\\nexecution. This issue is addressed through improved memory reference\\ntracking. Credit to wushi&Z of team509 working with TippingPoint's\\nZero Day Initiative for reporting this issue.'\",\"evaluatorSolution\":\"Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\\n\\n'Safari 4.0.5 is available via the Apple Software Update application,\\nor Apple's Safari download site at:\\nhttp://www.apple.com/safari/download/'\"}}", }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.