PT-2010-3454 · Google+1 · Google Chrome+3

Wushi

Publicado

2010-09-24

Atualizado

2020-07-31

CVE-2010-1824

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Apple iTunes versions prior to 10.2 Apple Safari (affected versions not specified) Google Chrome versions prior to 6.0.472.59

Description The issue is related to a use-after-free vulnerability in WebKit, which can be exploited by remote attackers to execute arbitrary code or cause a denial of service. This is achieved through vectors related to SVG styles, the DOM tree, and error messages.

Recommendations For Apple iTunes versions prior to 10.2, update to version 10.2 or later. For Apple Safari, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Google Chrome versions prior to 6.0.472.59, update to version 6.0.472.59 or later.

Exploit

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

CVE-2010-1824

USN-1195-1

ZDI-11-095

Produtos afetados

Google Chrome

Safari

Webkit

Itunes

PT-2010-3454 · Google+1 · Google Chrome+3

CVE-2010-1824

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 17