9.3
CVE-2010-1807
- EPSS 61.32%
- Veröffentlicht 10.09.2010 19:00:02
- Zuletzt bearbeitet 16.06.2026 23:19:22
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 61.32% | 0.99 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/43068
http://www.vupen.com/english/advisories/2011/0212
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
http://secunia.com/advisories/42314
http://support.apple.com/kb/HT4456
http://www.vupen.com/english/advisories/2010/3046
http://secunia.com/advisories/41856
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
http://www.ubuntu.com/usn/USN-1006-1
http://www.vupen.com/english/advisories/2010/2722
http://www.vupen.com/english/advisories/2011/0552
http://secunia.com/advisories/43086
http://www.redhat.com/support/errata/RHSA-2011-0177.html
http://www.vupen.com/english/advisories/2011/0216
http://lists.apple.com/archives/security-announce/2010//Sep/msg00001.html
http://support.apple.com/kb/HT4333
http://trac.webkit.org/changeset/64706
http://www.computerworld.com/s/article/9195058/Researcher_to_release_Web_based_Android_attack
http://www.securityfocus.com/bid/43047
https://bugzilla.redhat.com/show_bug.cgi?id=627703
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11964