CVE-2010-1815

Published: Sep 9, 2010Modified: Apr 29, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars.

Affected (5)

Products: Apple: Iphone Os · Webkitgtk: Webkitgtk · Canonical: Ubuntu Linux

1 product

1 product

1 product

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Apple Iphone Os	Before 4.1

Running on/with	Platform Versions
Apple Iphone Os	All versions
Apple Ipod Touch	All versions

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Webkitgtk Webkitgtk	Before 1.2.6

Configuration C

3 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 10.04
Canonical Ubuntu Linux	Version 10.10
Canonical Ubuntu Linux	Version 9.10

Related CWEs

CWE-399

References (40)

http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html

Source: product-security@apple.com

Mailing ListVendor Advisory

http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

Source: product-security@apple.com

Mailing ListVendor Advisory

http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html

Source: product-security@apple.com

Mailing ListVendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Source: product-security@apple.com

Mailing ListThird Party Advisory

http://secunia.com/advisories/41856

Source: product-security@apple.com

Third Party Advisory

http://secunia.com/advisories/42314

Source: product-security@apple.com

Third Party Advisory

http://secunia.com/advisories/43068

Source: product-security@apple.com

Third Party Advisory

http://secunia.com/advisories/43086

Source: product-security@apple.com

Third Party Advisory

http://support.apple.com/kb/HT4334

Source: product-security@apple.com

Vendor Advisory

http://support.apple.com/kb/HT4455

Source: product-security@apple.com

Vendor Advisory

http://support.apple.com/kb/HT4456

Source: product-security@apple.com

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2011:039

Source: product-security@apple.com

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2011-0177.html

Source: product-security@apple.com

Third Party Advisory

http://www.securityfocus.com/bid/43081

Source: product-security@apple.com

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-1006-1

Source: product-security@apple.com

Third Party Advisory

http://www.vupen.com/english/advisories/2010/2722

Source: product-security@apple.com

Third Party AdvisoryVendor Advisory

http://www.vupen.com/english/advisories/2011/0212

Source: product-security@apple.com

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0216

Source: product-security@apple.com

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0552

Source: product-security@apple.com

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/61702

Source: product-security@apple.com

Third Party AdvisoryVDB Entry

http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html