9.3

CVE-2010-1770

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue."

Data is provided by the National Vulnerability Database (NVD)
AppleSafari Version <= 4.0.5
   ApplemacOS X Version10.5
   ApplemacOS X Version10.5.0
   ApplemacOS X Version10.5.1
   ApplemacOS X Version10.5.2
   ApplemacOS X Version10.5.3
   ApplemacOS X Version10.5.4
   ApplemacOS X Version10.5.5
   ApplemacOS X Version10.5.6
   ApplemacOS X Version10.5.7
   ApplemacOS X Version10.5.8
   ApplemacOS X Version10.6.0
   ApplemacOS X Version10.6.1
   ApplemacOS X Version10.6.2
   ApplemacOS X Version10.6.3
   ApplemacOS X Server Version10.5
   ApplemacOS X Server Version10.5.0
   ApplemacOS X Server Version10.5.1
   ApplemacOS X Server Version10.5.2
   ApplemacOS X Server Version10.5.3
   ApplemacOS X Server Version10.5.4
   ApplemacOS X Server Version10.5.5
   ApplemacOS X Server Version10.5.6
   ApplemacOS X Server Version10.5.7
   ApplemacOS X Server Version10.5.8
   ApplemacOS X Server Version10.6.0
   ApplemacOS X Server Version10.6.1
   ApplemacOS X Server Version10.6.2
   ApplemacOS X Server Version10.6.3
   MicrosoftWindows 7
   MicrosoftWindows Vista
   MicrosoftWindows Xp Updatesp2
   MicrosoftWindows Xp Updatesp3
AppleWebKit
   ApplemacOS X Version10.5
   ApplemacOS X Version10.5.0
   ApplemacOS X Version10.5.1
   ApplemacOS X Version10.5.2
   ApplemacOS X Version10.5.3
   ApplemacOS X Version10.5.4
   ApplemacOS X Version10.5.5
   ApplemacOS X Version10.5.6
   ApplemacOS X Version10.5.7
   ApplemacOS X Version10.5.8
   ApplemacOS X Version10.6.0
   ApplemacOS X Version10.6.1
   ApplemacOS X Version10.6.2
   ApplemacOS X Version10.6.3
   ApplemacOS X Server Version10.5
   ApplemacOS X Server Version10.5.0
   ApplemacOS X Server Version10.5.1
   ApplemacOS X Server Version10.5.2
   ApplemacOS X Server Version10.5.3
   ApplemacOS X Server Version10.5.4
   ApplemacOS X Server Version10.5.5
   ApplemacOS X Server Version10.5.6
   ApplemacOS X Server Version10.5.7
   ApplemacOS X Server Version10.5.8
   ApplemacOS X Server Version10.6.0
   ApplemacOS X Server Version10.6.1
   ApplemacOS X Server Version10.6.2
   ApplemacOS X Server Version10.6.3
   MicrosoftWindows 7
   MicrosoftWindows Vista
   MicrosoftWindows Xp Updatesp2
   MicrosoftWindows Xp Updatesp3
AppleSafari Version <= 4.0.5
   ApplemacOS X Version10.4
   ApplemacOS X Version10.4.0
   ApplemacOS X Version10.4.1
   ApplemacOS X Version10.4.2
   ApplemacOS X Version10.4.3
   ApplemacOS X Version10.4.4
   ApplemacOS X Version10.4.5
   ApplemacOS X Version10.4.6
   ApplemacOS X Version10.4.7
   ApplemacOS X Version10.4.8
   ApplemacOS X Version10.4.9
   ApplemacOS X Version10.4.10
   ApplemacOS X Version10.4.11
   ApplemacOS X Server Version10.4
   ApplemacOS X Server Version10.4.0
   ApplemacOS X Server Version10.4.1
   ApplemacOS X Server Version10.4.2
   ApplemacOS X Server Version10.4.3
   ApplemacOS X Server Version10.4.4
   ApplemacOS X Server Version10.4.5
   ApplemacOS X Server Version10.4.6
   ApplemacOS X Server Version10.4.7
   ApplemacOS X Server Version10.4.8
   ApplemacOS X Server Version10.4.9
   ApplemacOS X Server Version10.4.10
   ApplemacOS X Server Version10.4.11
AppleWebKit
   ApplemacOS X Version10.4
   ApplemacOS X Version10.4.0
   ApplemacOS X Version10.4.1
   ApplemacOS X Version10.4.2
   ApplemacOS X Version10.4.3
   ApplemacOS X Version10.4.4
   ApplemacOS X Version10.4.5
   ApplemacOS X Version10.4.6
   ApplemacOS X Version10.4.7
   ApplemacOS X Version10.4.8
   ApplemacOS X Version10.4.9
   ApplemacOS X Version10.4.10
   ApplemacOS X Version10.4.11
   ApplemacOS X Server Version10.4
   ApplemacOS X Server Version10.4.0
   ApplemacOS X Server Version10.4.1
   ApplemacOS X Server Version10.4.2
   ApplemacOS X Server Version10.4.3
   ApplemacOS X Server Version10.4.4
   ApplemacOS X Server Version10.4.5
   ApplemacOS X Server Version10.4.6
   ApplemacOS X Server Version10.4.7
   ApplemacOS X Server Version10.4.8
   ApplemacOS X Server Version10.4.9
   ApplemacOS X Server Version10.4.10
   ApplemacOS X Server Version10.4.11
GoogleChrome Version < 5.0.375.70
CanonicalUbuntu Linux Version9.10
CanonicalUbuntu Linux Version10.04 SwEditionlts
CanonicalUbuntu Linux Version10.04.4 SwEditionlts
CanonicalUbuntu Linux Version10.10
OpensuseOpensuse Version11.2
OpensuseOpensuse Version11.3
SuseSuse Linux Enterprise Desktop Version10 Updatesp3
SuseSuse Linux Enterprise Desktop Version11 Updatesp1
SuseSuse Linux Enterprise Server Version10 Updatesp3
SuseSuse Linux Enterprise Server Version11 Updatesp1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 9.73% 0.927
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

http://www.vupen.com/english/advisories/2011/0212
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2010/1373
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2010/1512
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2010/2722
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2011/0552
Third Party Advisory
Permissions Required
http://securitytracker.com/id?1024067
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/40620
Patch
Third Party Advisory
VDB Entry