CVE-2010-1401

Name of the Vulnerable Software and Affected Versions Apple Safari versions prior to 5.0 on Mac OS X 10.5 through 10.6 and Windows Apple Safari versions prior to 4.1 on Mac OS X 10.4

Description The issue is related to a use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit. This vulnerability can be exploited by remote attackers to execute arbitrary code or cause a denial of service, resulting in an application crash. The vulnerability involves vectors related to the :first-letter pseudo-element.

Recommendations For Apple Safari versions prior to 5.0 on Mac OS X 10.5 through 10.6 and Windows, update to version 5.0 or later. For Apple Safari versions prior to 4.1 on Mac OS X 10.4, update to version 4.1 or later.