CVE-2010-1824

Published: Sep 24, 2010Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages.

Affected (2)

Products: Google: Chrome · Apple: Itunes

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Before 6.0.472.59

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Apple Itunes	Before 10.2

Related CWEs

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (22)

http://code.google.com/p/chromium/issues/detail?id=50712

Source: product-security@apple.com

ExploitVendor Advisory

http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html

Source: product-security@apple.com

Vendor Advisory

http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

Source: product-security@apple.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Source: product-security@apple.com

Mailing ListThird Party Advisory

http://secunia.com/advisories/43068

Source: product-security@apple.com

Third Party Advisory

http://support.apple.com/kb/HT4554

Source: product-security@apple.com

Third Party Advisory

http://support.apple.com/kb/HT4566

Source: product-security@apple.com

Broken Link

http://www.vupen.com/english/advisories/2011/0212

Source: product-security@apple.com

Third Party Advisory

http://www.zerodayinitiative.com/advisories/ZDI-11-095

Source: product-security@apple.com

Third Party AdvisoryVDB Entry

https://bugs.webkit.org/show_bug.cgi?id=43260

Source: product-security@apple.com

Permissions Required

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7151

Source: product-security@apple.com

Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=50712

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://secunia.com/advisories/43068

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://support.apple.com/kb/HT4554

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://support.apple.com/kb/HT4566

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.vupen.com/english/advisories/2011/0212

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.zerodayinitiative.com/advisories/ZDI-11-095

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugs.webkit.org/show_bug.cgi?id=43260

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7151

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.