CVE-2010-0046
Published Mar 15, 2010
Last updated 7 years ago
Overview
- Description
- The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments.
- Source
- product-security@apple.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-94
Evaluator
- Comment
- Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html 'WebKit CVE-ID: CVE-2010-0046 Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue exists in WebKit's handling of CSS format() arguments. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of CSS format() arguments. Credit to Robert Swiecki of Google Inc. for reporting this issue.'
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1816CD6-0159-4684-A54D-94866D3FE570",
"versionEndIncluding": "4.0.4"
},
{
"criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB"
},
{
"criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46"
},
{
"criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67"
},
{
"criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628"
},
{
"criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462"
}
],
"operator": "OR"
}
]
}
]