Computer Security
[EN] securityvulns.ru no-pyccku


Apple WebKit / Safari multiple security vulnerabilities
Published:14.09.2010
Source:
SecurityVulns ID:11137
Type:remote
Threat Level:
7/10
Description:Code execution, memory corruptions.
Affected:APPLE : Safari 5.0
 APPLE : Safari 4.1
CVE:CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.)
 CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via run-in styling in an element, related to object pointers.)
 CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari.)
Original documentdocumentZDI, ZDI-10-170: Apple Safari Webkit Runin Remote Code Execution Vulnerability (14.09.2010)
 documentAPPLE, About the security content of Safari 5.0.2 and Safari 4.1.2 (14.09.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod