Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-1822

Опубликовано: 04 окт. 2010
Источник: nvd
CVSS3: 8.8
CVSS2: 6.8
EPSS Низкий

Описание

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
Версия до 4.1.3 (исключая)
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
Версия от 5.0 (включая) до 5.0.3 (исключая)
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Версия до 6.0.472.62 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*

EPSS

Процентиль: 86%
0.02967
Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-704

Связанные уязвимости

ubuntu логотип

CVE-2010-1822

CVSS3: 8.8
ubuntu
больше 15 лет назад

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document.

redhat логотип

CVE-2010-1822

redhat
больше 15 лет назад

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document.

debian логотип

CVE-2010-1822

CVSS3: 8.8
debian
больше 15 лет назад

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 an ...

github логотип

GHSA-whwc-x4m2-68jw

CVSS3: 8.8
github
больше 3 лет назад

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document.

EPSS

Процентиль: 86%
0.02967
Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-704