WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote attackers to cause a denial of service (application crash) via JavaScript that writes sequences in an infinite loop.

Show details on source website

JSON

Share

• Hacker News
• LinkedIn
• Mastodon
• Newspipe
• Pinboard
• Reddit

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-1729"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-05-06T14:53:00Z",
    "severity": "MODERATE"
  },
  "details": "WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote attackers to cause a denial of service (application crash) via JavaScript that writes \u003cmarquee\u003e sequences in an infinite loop.",
  "id": "GHSA-fhxx-pw5c-g2gc",
  "modified": "2022-05-17T05:43:24Z",
  "published": "2022-05-17T05:43:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1729"
    },
    {
      "type": "WEB",
      "url": "http://h.ackack.net/?p=258"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

• Related vulnerabilities 1
• Comments 0
• Bundles 0
• Sightings 0

cve-2010-1729

Vulnerability from cvelistv5

Published

2010-05-05 14:00

Modified

2024-08-07 01:35

Severity ?

Summary

WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.

References

▼	URL	Tags
	http://secunia.com/advisories/43068	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0212	vdb-entry, x_refsource_VUPEN
	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://h.ackack.net/?p=258	x_refsource_MISC

Impacted products

	Vendor	Product	Version
▼	n/a	n/a	Version: n/a

Show details on NVD website

JSON

Share

• Hacker News
• LinkedIn
• Mastodon
• Newspipe
• Pinboard
• Reddit

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:35:53.430Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://h.ackack.net/?p=258"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-04-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote attackers to cause a denial of service (application crash) via JavaScript that writes \u003cmarquee\u003e sequences in an infinite loop."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-02-17T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://h.ackack.net/?p=258"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-1729",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote attackers to cause a denial of service (application crash) via JavaScript that writes \u003cmarquee\u003e sequences in an infinite loop."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "http://h.ackack.net/?p=258",
              "refsource": "MISC",
              "url": "http://h.ackack.net/?p=258"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-1729",
    "datePublished": "2010-05-05T14:00:00",
    "dateReserved": "2010-05-05T00:00:00",
    "dateUpdated": "2024-08-07T01:35:53.430Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Industrialised Customised Documented Theoretical Proof-of-Concept Remediation Annotation Taxonomy of the tags.

Save the comment

Loading…

Loading…

All sightings related to this event Export sightings related to this event

Loading…

Sightings

Author	Source	Type	Date

Nomenclature

• Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
• Confirmed: The vulnerability is confirmed from an analyst perspective.
• Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
• Patched: This vulnerability was successfully patched by the user reporting the sighting.
• Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
• Not confirmed: The user expresses doubt about the veracity of the vulnerability.
• Not patched: This vulnerability was not successfully patched by the user reporting the sighting.