Vulnerability Name: CVE-2010-1770 (CCN-59205) Assigned: 2010-06-07 Published: 2010-06-07 Updated: 2020-08-07 Summary: WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue." CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P 5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Type: CWE-94 Vulnerability Consequences: Gain Access References: Source: CONFIRMhttp://code.google.com/p/chromium/issues/detail?id=43487 CVE-2010-1770 http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html APPLE-SA-2010-06-16-1 APPLE-SA-2010-11-22-1 APPLE-SA-2010-09-08-1 APPLE-SA-2010-06-07-1 SUSE-SR:2011:002 Apple Mac OS X Security Update Fixes Multiple Vulnerabilities Google Chrome Multiple Vulnerabilities 40072 Apple Safari Multiple Vulnerabilities 40105 Apple iTunes Multiple Vulnerabilities 40196 41856 Apple iOS Multiple Vulnerabilities 42314 43068 Mac OS X Multiple Image and File Processing Bugs Permit Remote Code Execution Apple Safari Bugs Let Remote Users Execute Arbitrary Code or Access Potentially Sensitive Information 1024067 http://support.apple.com/kb/HT4196 About the security content of iTunes 9.2 http://support.apple.com/kb/HT4220 About the security content of iOS 4.1 for iPhone and iPod touch http://support.apple.com/kb/HT4334 http://support.apple.com/kb/HT4456 MDVSA-2011:039 Apple Safari WebKit IBM1147 Character Set Handling Arbitrary Code Execution Apple Mac OS X 2009-003 Multiple Security Vulnerabilities 40620 RETIRED: Apple Safari Prior to 5.0 and 4.1 Multiple Security Vulnerabilities WebKit IBM1147 Character Set Text Transform Remote Code Execution Vulnerability USN-1006-1 ADV-2010-1373 ADV-2010-1512 ADV-2010-2722 ADV-2011-0212 ADV-2011-0552 http://zerodayinitiative.com/advisories/ZDI-10-093/ safari-webkit-textnode-ce(59205) oval:org.mitre.oval:def:7099 SUSE Security Summary Report SUSE Security Summary Report Apple Webkit CSS Charset Text Transformation Remote Code Execution Vulnerability Vulnerable Configuration: Configuration 1 :cpe:/a:apple:safari:*:*:*:*:*:*:*:* (Version <= 4.0.5)OR cpe:/a:apple:webkit:*:*:*:*:*:*:*:* AND cpe:/o:apple:mac_os_x:10.5:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_7:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:* Configuration 2 :cpe:/a:apple:safari:*:*:*:*:*:*:*:* (Version <= 4.0.5)OR cpe:/a:apple:webkit:*:*:*:*:*:*:*:* AND cpe:/o:apple:mac_os_x:10.4:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:* Configuration 3 :cpe:/a:google:chrome:*:*:*:*:*:*:*:* (Version < 5.0.375.70)Configuration 4 :cpe:/o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:* OR cpe:/o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:* OR cpe:/o:canonical:ubuntu_linux:10.04.4:*:*:*:lts:*:*:* OR cpe:/o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:* OR cpe:/o:opensuse:opensuse:11.2:*:*:*:*:*:*:* OR cpe:/o:opensuse:opensuse:11.3:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux_enterprise_desktop:10:sp3:*:*:*:*:*:* OR cpe:/o:suse:suse_linux_enterprise_desktop:11:sp1:*:*:*:*:*:* OR cpe:/o:suse:suse_linux_enterprise_server:10:sp3:*:*:*:*:*:* OR cpe:/o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:* Configuration CCN 1 :cpe:/o:apple:iphone_os:2.0.0:-:ipodtouch:*:*:*:*:* OR cpe:/o:apple:iphone_os:2.0.1:*:*:*:*:*:*:* OR cpe:/o:apple:iphone_os:2.0.1:-:ipodtouch:*:*:*:*:* OR cpe:/o:apple:iphone_os:2.0.2:*:*:*:*:*:*:* OR cpe:/o:apple:iphone_os:2.0.2:-:ipodtouch:*:*:*:*:* OR cpe:/o:microsoft:windows_7:*:*:*:*:*:*:*:* OR cpe:/o:apple:iphone_os:2.1:*:*:*:*:*:*:* OR cpe:/o:apple:iphone_os:2.0:*:*:*:*:*:*:* OR cpe:/o:apple:iphone_os:3.0:*:*:*:*:*:*:* OR cpe:/o:apple:iphone_os:3.1:*:*:*:*:*:*:* OR cpe:/o:apple:iphone_os:3.1.2:*:*:*:*:*:*:* OR cpe:/o:apple:iphone_os:3.1.3:*:*:*:*:*:*:* OR cpe:/a:apple:safari:4.1:*:*:*:*:*:*:* OR cpe:/a:apple:safari:5.0:*:*:*:*:*:*:* OR cpe:/a:apple:itunes:9.2:*:*:*:*:*:*:* OR cpe:/o:apple:ios:4.0:*:*:*:*:*:*:* OR cpe:/o:apple:ios:4.0.1:*:*:*:*:*:*:* OR cpe:/o:apple:iphone_os:2.1:-:ipodtouch:*:*:*:*:* OR cpe:/o:apple:iphone_os:3.0:-:ipodtouch:*:*:*:*:* OR cpe:/o:apple:iphone_os:3.1.2:-:ipodtouch:*:*:*:*:* OR cpe:/o:apple:iphone_os:3.1:-:ipodtouch:*:*:*:*:* OR cpe:/o:apple:ios:4.0.1:-:ipodtouch:*:*:*:*:* OR cpe:/o:apple:ios:4.0:-:ipodtouch:*:*:*:*:* AND cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:* Oval Definitions BACK
apple safari *
apple webkit *
apple mac os x 10.5
apple mac os x 10.5.0
apple mac os x 10.5.1
apple mac os x 10.5.2
apple mac os x 10.5.3
apple mac os x 10.5.4
apple mac os x 10.5.5
apple mac os x 10.5.6
apple mac os x 10.5.7
apple mac os x 10.5.8
apple mac os x 10.6.0
apple mac os x 10.6.1
apple mac os x 10.6.2
apple mac os x 10.6.3
apple mac os x server 10.5
apple mac os x server 10.5.0
apple mac os x server 10.5.1
apple mac os x server 10.5.2
apple mac os x server 10.5.3
apple mac os x server 10.5.4
apple mac os x server 10.5.5
apple mac os x server 10.5.6
apple mac os x server 10.5.7
apple mac os x server 10.5.8
apple mac os x server 10.6.0
apple mac os x server 10.6.1
apple mac os x server 10.6.2
apple mac os x server 10.6.3
microsoft windows 7 *
microsoft windows vista *
microsoft windows xp * sp2
microsoft windows xp * sp3
apple safari *
apple webkit *
apple mac os x 10.4
apple mac os x 10.4.0
apple mac os x 10.4.1
apple mac os x 10.4.2
apple mac os x 10.4.3
apple mac os x 10.4.4
apple mac os x 10.4.5
apple mac os x 10.4.6
apple mac os x 10.4.7
apple mac os x 10.4.8
apple mac os x 10.4.9
apple mac os x 10.4.10
apple mac os x 10.4.11
apple mac os x server 10.4
apple mac os x server 10.4.0
apple mac os x server 10.4.1
apple mac os x server 10.4.2
apple mac os x server 10.4.3
apple mac os x server 10.4.4
apple mac os x server 10.4.5
apple mac os x server 10.4.6
apple mac os x server 10.4.7
apple mac os x server 10.4.8
apple mac os x server 10.4.9
apple mac os x server 10.4.10
apple mac os x server 10.4.11
google chrome *
canonical ubuntu linux 9.10
canonical ubuntu linux 10.04
canonical ubuntu linux 10.04.4
canonical ubuntu linux 10.10
opensuse opensuse 11.2
opensuse opensuse 11.3
suse suse linux enterprise desktop 10 sp3
suse suse linux enterprise desktop 11 sp1
suse suse linux enterprise server 10 sp3
suse suse linux enterprise server 11 sp1
apple iphone os 2.0.0 -
apple iphone os 2.0.1
apple iphone os 2.0.1 -
apple iphone os 2.0.2
apple iphone os 2.0.2 -
microsoft windows 7 *
apple iphone os 2.1
apple iphone os 2.0
apple iphone os 3.0
apple iphone os 3.1
apple iphone os 3.1.2
apple iphone os 3.1.3
apple safari 4.1
apple safari 5.0
apple itunes 9.2
apple iphone os 4.0
apple iphone os 4.0.1
apple iphone os 2.1 -
apple iphone os 3.0 -
apple iphone os 3.1.2 -
apple iphone os 3.1 -
apple iphone os 4.0.1 -
apple iphone os 4.0 -
microsoft windows xp sp2
apple mac os x 10.4.11
apple mac os x server 10.4.11
apple mac os x 10.5.8
apple mac os x server 10.5.8
apple mac os x server 10.6.2
apple mac os x 10.6.2
Denotes that component is vulnerable