Vulnerability Name: CVE-2010-0047 (CCN-56833)
Assigned: 2009-12-15
Published: 2010-03-11
Updated: 2017-09-19
Summary: Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "HTML object element fallback content."

Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html
'WebKit
CVE-ID: CVE-2010-0047
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A use-after-free issue exists in the handling of HTML object element fallback content. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory reference tracking. Credit to wushi of team509, working with TippingPoint's Zero Day Initiative for reporting this issue.'

Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html
'Safari 4.0.5 is available via the Apple Software Update application, or Apple's Safari download site at: http://www.apple.com/safari/download/'
CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
    6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
    5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Vulnerability Type: CWE-399
Vulnerability Consequences: Gain Access
References:
    Source: MITRE Type: CNA CVE-2010-0047
    Source: APPLE Type: UNKNOWN APPLE-SA-2010-06-21-1
    Source: APPLE Type: Vendor Advisory APPLE-SA-2010-03-11-1
    Source: FEDORA Type: UNKNOWN FEDORA-2010-8360
    Source: FEDORA Type: UNKNOWN FEDORA-2010-8379
    Source: FEDORA Type: UNKNOWN FEDORA-2010-8423
    Source: SUSE Type: UNKNOWN SUSE-SR:2011:002
    Source: CCN Type: SA38932 Apple Safari Multiple Vulnerabilities
    Source: CCN Type: SA40257 Apple iOS Multiple Vulnerabilities
    Source: SECUNIA Type: UNKNOWN 41856
    Source: SECUNIA Type: UNKNOWN 43068
    Source: CCN Type: SECTRACK ID: 1023708 Apple Safari WebKit Flaws Let Remote Users Execute Arbitrary Code
    Source: CCN Type: Apple Web site About the security content of Safari 4.0.5
    Source: CONFIRM Type: Vendor Advisory http://support.apple.com/kb/HT4070
    Source: CONFIRM Type: UNKNOWN http://support.apple.com/kb/HT4225
    Source: MANDRIVA Type: UNKNOWN MDVSA-2011:039
    Source: CCN Type: OSVDB ID: 62940 Apple Safari WebKit HTML Object Element Fallback Content Use-after-free Arbitrary Code Execution
    Source: BID Type: Patch 38671
    Source: CCN Type: BID-38671 RETIRED: Apple Safari Prior to 4.0.5 Multiple Security Vulnerabilities
    Source: CCN Type: BID-38687 WebKit Object Element Fallback Memory Corruption Vulnerability
    Source: SECTRACK Type: UNKNOWN 1023708
    Source: UBUNTU Type: UNKNOWN USN-1006-1
    Source: VUPEN Type: UNKNOWN ADV-2010-2722
    Source: VUPEN Type: UNKNOWN ADV-2011-0212
    Source: VUPEN Type: UNKNOWN ADV-2011-0552
    Source: XF Type: UNKNOWN safari-html-object-code-exec(56833)
    Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:6882
    Source: SUSE Type: SUSE-SR:2011:002 SUSE Security Summary Report
    Source: CCN Type: ZDI-10-029 Apple WebKit innerHTML element Substitution Remote Code Execution Vulnerability
Vulnerable Configuration: Configuration 1: Configuration CCN 1: