Vulnerability Name: | CVE-2010-1823 (CCN-61798) | ||||||||||||||||
Assigned: | 2010-09-14 | ||||||||||||||||
Published: | 2010-09-14 | ||||||||||||||||
Updated: | 2020-07-31 | ||||||||||||||||
Summary: | Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098. | ||||||||||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||||||||||
CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||
Vulnerability Type: | CWE-416 | ||||||||||||||||
Vulnerability Consequences: | Denial of Service | ||||||||||||||||
References: | Source: CONFIRM Type: Issue Tracking, Patch, Vendor Advisory http://code.google.com/p/chromium/issues/detail?id=50250 Source: MITRE Type: CNA CVE-2010-1823 Source: CCN Type: Google Chrome Releases Web site Stable, Beta Channel Updates Source: CONFIRM Type: Vendor Advisory http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html Source: APPLE Type: Mailing List, Third Party Advisory APPLE-SA-2011-07-20-1 Source: APPLE Type: Mailing List, Third Party Advisory APPLE-SA-2011-10-11-1 Source: SUSE Type: Mailing List, Third Party Advisory SUSE-SR:2011:002 Source: CCN Type: SA41390 Google Chrome Multiple Vulnerabilities Source: SECUNIA Type: Third Party Advisory 43068 Source: CCN Type: SA45325 Apple Safari Multiple Vulnerabilities Source: CCN Type: Apple KB HT4808 About the security content of Safari 5.1 and Safari 5.0.6 Source: CONFIRM Type: Third Party Advisory http://support.apple.com/kb/HT4808 Source: CONFIRM Type: Third Party Advisory http://support.apple.com/kb/HT4981 Source: CCN Type: OSVDB ID: 68101 Google Chrome Document API Parsing Use-after-free DoS Source: CCN Type: BID-43228 Google Chrome prior to 6.0.472.59 Multiple Security Vulnerabilities Source: VUPEN Type: Third Party Advisory ADV-2011-0212 Source: CONFIRM Type: Permissions Required https://bugs.webkit.org/show_bug.cgi?id=43055 Source: CONFIRM Type: Issue Tracking, Patch, Third Party Advisory https://bugs.webkit.org/show_bug.cgi?id=44533 Source: XF Type: UNKNOWN google-chrome-apis-dos(61798) Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:7405 Source: SUSE Type: SUSE-SR:2011:002 SUSE Security Summary Report | ||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||
Oval Definitions | |||||||||||||||||
| |||||||||||||||||
BACK |