CVE-2010-1793

Published: Jul 30, 2010Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a (1) font-face or (2) use element in an SVG document.

Affected (10)

Products: Apple: Safari, Webkit

2 products

Configuration A

1 vulnerable · 34 platform

Vulnerable Software	Affected Versions
Apple Safari	Up to 5.0

Running on/with	Platform Versions
Apple Mac Os X	Version 10.5.0
Apple Mac Os X	Version 10.5.1
Apple Mac Os X	Version 10.5.2
Apple Mac Os X	Version 10.5.3
Apple Mac Os X	Version 10.5.4
Apple Mac Os X	Version 10.5.5
Apple Mac Os X	Version 10.5.6
Apple Mac Os X	Version 10.5.7
Apple Mac Os X	Version 10.5.8
Apple Mac Os X	Version 10.5
Apple Mac Os X	Version 10.6.0
Apple Mac Os X	Version 10.6.1
Apple Mac Os X	Version 10.6.2
Apple Mac Os X	Version 10.6.3
Apple Mac Os X	Version 10.6.4
Apple Mac Os X Server	Version 10.5.0
Apple Mac Os X Server	Version 10.5.1
Apple Mac Os X Server	Version 10.5.2
Apple Mac Os X Server	Version 10.5.3
Apple Mac Os X Server	Version 10.5.4
Apple Mac Os X Server	Version 10.5.5
Apple Mac Os X Server	Version 10.5.6
Apple Mac Os X Server	Version 10.5.7
Apple Mac Os X Server	Version 10.5.8
Apple Mac Os X Server	Version 10.5
Apple Mac Os X Server	Version 10.6.0
Apple Mac Os X Server	Version 10.6.1
Apple Mac Os X Server	Version 10.6.2
Apple Mac Os X Server	Version 10.6.3
Apple Mac Os X Server	Version 10.6.4
Microsoft Windows 7	All versions
Microsoft Windows Vista	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions

Configuration B

9 vulnerable · 26 platform

Vulnerable Software	Affected Versions
Apple Safari	Up to 4.1
Apple Safari	Version 4.0.0b
Apple Safari	Version 4.0.1
Apple Safari	Version 4.0.2
Apple Safari	Version 4.0.3
Apple Safari	Version 4.0.4
Apple Safari	Version 4.0.5
Apple Safari	Version 4.0
Apple Webkit	All versions

Running on/with	Platform Versions
Apple Mac Os X	Version 10.4.0
Apple Mac Os X	Version 10.4.10
Apple Mac Os X	Version 10.4.11
Apple Mac Os X	Version 10.4.1
Apple Mac Os X	Version 10.4.2
Apple Mac Os X	Version 10.4.3
Apple Mac Os X	Version 10.4.4
Apple Mac Os X	Version 10.4.5
Apple Mac Os X	Version 10.4.6
Apple Mac Os X	Version 10.4.7
Apple Mac Os X	Version 10.4.8
Apple Mac Os X	Version 10.4.9
Apple Mac Os X	Version 10.4
Apple Mac Os X Server	Version 10.4.0
Apple Mac Os X Server	Version 10.4.10
Apple Mac Os X Server	Version 10.4.11
Apple Mac Os X Server	Version 10.4.1
Apple Mac Os X Server	Version 10.4.2
Apple Mac Os X Server	Version 10.4.3
Apple Mac Os X Server	Version 10.4.4
Apple Mac Os X Server	Version 10.4.5
Apple Mac Os X Server	Version 10.4.6
Apple Mac Os X Server	Version 10.4.7
Apple Mac Os X Server	Version 10.4.8
Apple Mac Os X Server	Version 10.4.9
Apple Mac Os X Server	Version 10.4

Related CWEs

References (42)

http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html

Source: product-security@apple.com

PatchVendor Advisory

http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

Source: product-security@apple.com

http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html

Source: product-security@apple.com

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html

Source: product-security@apple.com

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Source: product-security@apple.com

http://secunia.com/advisories/41856

Source: product-security@apple.com

http://secunia.com/advisories/42314

Source: product-security@apple.com

http://secunia.com/advisories/43068

Source: product-security@apple.com

http://secunia.com/advisories/43086

Source: product-security@apple.com

http://support.apple.com/kb/HT4276

Source: product-security@apple.com

Vendor Advisory

http://support.apple.com/kb/HT4334

Source: product-security@apple.com

http://support.apple.com/kb/HT4456

Source: product-security@apple.com

http://www.mandriva.com/security/advisories?name=MDVSA-2011:039

Source: product-security@apple.com

http://www.redhat.com/support/errata/RHSA-2011-0177.html

Source: product-security@apple.com

http://www.securityfocus.com/bid/42020

Source: product-security@apple.com

Patch

http://www.ubuntu.com/usn/USN-1006-1

Source: product-security@apple.com

http://www.vupen.com/english/advisories/2010/2722

Source: product-security@apple.com

http://www.vupen.com/english/advisories/2011/0212

Source: product-security@apple.com

http://www.vupen.com/english/advisories/2011/0216

Source: product-security@apple.com

http://www.vupen.com/english/advisories/2011/0552

Source: product-security@apple.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11923

Source: product-security@apple.com

http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/41856

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/42314

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/43068

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/43086

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT4276

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://support.apple.com/kb/HT4334

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT4456

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2011:039

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2011-0177.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/42020

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.ubuntu.com/usn/USN-1006-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2010/2722

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2011/0212

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2011/0216

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2011/0552

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11923

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.