CVE-2010-1749

Name of the Vulnerable Software and Affected Versions Apple Safari versions prior to 5.0 on Mac OS X 10.5 through 10.6 and Windows Apple Safari versions prior to 4.1 on Mac OS X 10.4

Description The issue allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to the Cascading Style Sheets (CSS) run-in property. This is due to a use-after-free vulnerability in WebKit. The vulnerability can be exploited by multiple invocations of a destructor for a child element that has been referenced multiple times.

Recommendations For Apple Safari versions prior to 5.0 on Mac OS X 10.5 through 10.6 and Windows, update to version 5.0 or later. For Apple Safari versions prior to 4.1 on Mac OS X 10.4, update to version 4.1 or later.