CVE-2010-1397
Vulnerability from cvelistv5
Published
2010-06-11 17:28
Modified
2024-08-07 01:21
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection rendering and the DOCUMENT_POSITION_DISCONNECTED attribute in a container of an unspecified type.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T01:21:19.022Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDVSA-2011:039", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4220" }, { "name": "ADV-2010-2722", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "name": "43068", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43068" }, { "name": "USN-1006-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "name": "41856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/41856" }, { "name": "ADV-2011-0212", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4225" }, { "name": "APPLE-SA-2010-06-07-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-095" }, { "name": "40196", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/40196" }, { "name": "40105", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/40105" }, { "name": "ADV-2010-1373", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "name": "oval:org.mitre.oval:def:6912", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6912" }, { "name": "APPLE-SA-2010-06-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" }, { "name": "SUSE-SR:2011:002", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "name": "20100608 ZDI-10-095: Apple Webkit DOCUMENT_POSITION_DISCONNECTED Attribute Remote Code Execution Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/511721/100/0/threaded" }, { "name": "ADV-2010-1512", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1512" }, { "name": "40620", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/40620" }, { "name": "ADV-2011-0552", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "name": "1024067", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1024067" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4196" }, { "name": "APPLE-SA-2010-06-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-06-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection rendering and the DOCUMENT_POSITION_DISCONNECTED attribute in a container of an unspecified type." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-10T18:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "MDVSA-2011:039", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4220" }, { "name": "ADV-2010-2722", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "name": "43068", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43068" }, { "name": "USN-1006-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "name": "41856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/41856" }, { "name": "ADV-2011-0212", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4225" }, { "name": "APPLE-SA-2010-06-07-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-095" }, { "name": "40196", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/40196" }, { "name": "40105", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/40105" }, { "name": "ADV-2010-1373", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "name": "oval:org.mitre.oval:def:6912", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6912" }, { "name": "APPLE-SA-2010-06-16-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" }, { "name": "SUSE-SR:2011:002", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "name": "20100608 ZDI-10-095: Apple Webkit DOCUMENT_POSITION_DISCONNECTED Attribute Remote Code Execution Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/511721/100/0/threaded" }, { "name": "ADV-2010-1512", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1512" }, { "name": "40620", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/40620" }, { "name": "ADV-2011-0552", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "name": "1024067", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1024067" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4196" }, { "name": "APPLE-SA-2010-06-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2010-1397", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection rendering and the DOCUMENT_POSITION_DISCONNECTED attribute in a container of an unspecified type." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MDVSA-2011:039", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "name": "http://support.apple.com/kb/HT4220", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4220" }, { "name": "ADV-2010-2722", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "name": "43068", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43068" }, { "name": "USN-1006-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "name": "41856", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/41856" }, { "name": "ADV-2011-0212", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "name": "http://support.apple.com/kb/HT4225", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4225" }, { "name": "APPLE-SA-2010-06-07-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-095", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-095" }, { "name": "40196", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40196" }, { "name": "40105", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40105" }, { "name": "ADV-2010-1373", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "name": "oval:org.mitre.oval:def:6912", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6912" }, { "name": "APPLE-SA-2010-06-16-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" }, { "name": "SUSE-SR:2011:002", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "name": "20100608 ZDI-10-095: Apple Webkit DOCUMENT_POSITION_DISCONNECTED Attribute Remote Code Execution Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/511721/100/0/threaded" }, { "name": "ADV-2010-1512", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1512" }, { "name": "40620", "refsource": "BID", "url": "http://www.securityfocus.com/bid/40620" }, { "name": "ADV-2011-0552", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "name": "1024067", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1024067" }, { "name": "http://support.apple.com/kb/HT4196", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4196" }, { "name": "APPLE-SA-2010-06-21-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2010-1397", "datePublished": "2010-06-11T17:28:00", "dateReserved": "2010-04-15T00:00:00", "dateUpdated": "2024-08-07T01:21:19.022Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2010-1397\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2010-06-11T18:00:24.550\",\"lastModified\":\"2018-10-10T19:56:51.680\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection rendering and the DOCUMENT_POSITION_DISCONNECTED attribute in a container of an unspecified type.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de uso de la memoria previamente liberada en WebKit en Safari de Apple anterior a versi\u00f3n 5.0 sobre Mac OS X versiones 10.5 hasta 10.6 y Windows, y anterior a versi\u00f3n 4.1 sobre Mac OS X versi\u00f3n 10.4, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) por medio de vectores relacionados a un cambio de dise\u00f1o durante la renderizaci\u00f3n de selecci\u00f3n y el atributo DOCUMENT_POSITION_DISCONNECTED en un contenedor de un tipo no especificado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":9.3},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.0.5\",\"matchCriteriaId\":\"517AC59C-3071-4D4E-B370-DD6F3D73E0BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02EAC196-AE43-4787-9AF9-E79E2E1BBA46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36EA71E0-63F7-46FF-AF11-792741F27628\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E36485-565D-4FAA-A6AD-57DF42D47462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73E9C17F-C99E-4ABB-B312-31F87BC0C0E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"461EFB63-7933-488C-BB4E-7C913364F5A9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2442D35-7484-43D8-9077-3FDF63104816\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC90AA12-DD17-4607-90CB-E342E83F20BB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F3E721C-00CA-4D51-B542-F2BC5C0D65BF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3267A41-1AE0-48B8-BD1F-DEC8A212851A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"855288F1-0242-4951-AB3F-B7AF13E21CF6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10082781-B93E-4B84-94F2-FA9749B4D92B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE1EBF04-C440-4A6B-93F2-DC3A812728C2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFB077A2-927B-43AF-BFD5-0E78648C9394\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2398ADC8-A106-462E-B9AE-F8AF800D0A3C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1335E35A-D381-4056-9E78-37BC6DF8AD98\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C69DEE9-3FA5-408E-AD27-F5E7043F852A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D25D1FD3-C291-492C-83A7-0AFAFAADC98D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B565F77-C310-4B83-B098-22F9489C226C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"546EBFC8-79F0-42C2-9B9A-A76CA3F19470\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20E8648C-5469-4280-A581-D4A9A41B7213\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7817232-BE3E-4655-8282-A979E5D40D3D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77E8D614-E1EE-42F1-9E55-EA54FB500621\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C73BED9E-29FB-4965-B38F-013FFE5A9170\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7723A9E8-1DE2-4C7D-81E6-4F79DCB09324\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C147E866-B80F-4FFA-BBE8-19E84A46DB1C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADF94705-562C-4EC8-993E-1AD88F01549C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82B4CD59-9F37-4EF0-BA43-427CFD6E1329\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26E34E35-CCE9-42BE-9AFF-561D8AA90E25\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A04FF6EE-D4DA-4D70-B0CE-154292828531\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9425320F-D119-49EB-9265-3159070DFE93\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D56B932B-9593-44E2-B610-E4EB2143EB21\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3852BB02-47A1-40B3-8E32-8D8891A53114\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B339C33-8896-4896-88FF-88E74FDBC543\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE477A73-4EE4-41E9-8694-5A3D5DC88656\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.0.5\",\"matchCriteriaId\":\"517AC59C-3071-4D4E-B370-DD6F3D73E0BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02EAC196-AE43-4787-9AF9-E79E2E1BBA46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36EA71E0-63F7-46FF-AF11-792741F27628\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E36485-565D-4FAA-A6AD-57DF42D47462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73E9C17F-C99E-4ABB-B312-31F87BC0C0E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"461EFB63-7933-488C-BB4E-7C913364F5A9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0760FDDB-38D3-4263-9B4D-1AF5E613A4F9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFD4DE58-46C7-4E69-BF36-C5FD768B8248\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF824694-52DE-44E3-ACAD-60B2A84CD3CE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B73A0891-A37A-4E0D-AA73-B18BFD6B1447\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C580935-0091-4163-B747-750FB7686973\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB0F2132-8431-4CEF-9A3D-A69425E3834E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8719F3C4-F1DE-49B5-9301-22414A2B6F9C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09ED46A8-1739-411C-8807-2A416BDB6DFE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"786BB737-EA99-4EC6-B742-0C35BF2453F9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D089858-3AF9-4B82-912D-AA33F25E3715\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EE39585-CF3B-4493-96D8-B394544C7643\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F60BF582-F700-4E26-A4AF-5BF657803525\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29644501-54BD-45E9-A6C1-618892CD354F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A132487-E89F-4D0D-8366-14AFC904811F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD231103-D7C7-4697-BE90-D67558D6115C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCADAAA0-C885-466C-A122-A94E73EAF817\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BE429EF-24D4-453A-8B43-8CCEF5D72773\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AC9692A-CE81-446D-B136-449662C4B9A2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"504D78AB-5374-48C9-B357-DB6BD2267D2D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3029892E-1375-4F40-83D3-A51BDC4E9840\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F8DA6D-2258-4138-8FB2-90BE3C68B230\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D09D5933-A7D9-4A61-B863-CD8E7D5E67D8\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/40105\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/40196\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/41856\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43068\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1024067\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4196\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4220\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4225\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:039\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/511721/100/0/threaded\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securityfocus.com/bid/40620\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1006-1\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/1373\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1512\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/2722\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0212\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0552\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-10-095\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6912\",\"source\":\"product-security@apple.com\"}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.