admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2010/CVE-2010-00xx/CVE-2010-0046.json
cad-safe-bot db95377d9f Auto-Update: 2024-04-04T08:42:25.815847+00:00
2024-04-04 08:46:00 +00:00

184 lines
6.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2010-0046",
"sourceIdentifier": "product-security@apple.com",
"published": "2010-03-15T13:28:25.527",
"lastModified": "2017-09-19T01:30:11.627",
"vulnStatus": "Modified",
"evaluatorComment": "Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\r\n\r\n'WebKit\r\nCVE-ID: CVE-2010-0046\r\nAvailable for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,\r\nMac OS X v10.5.8, Mac OS X Server v10.5.8,\r\nMac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later,\r\nWindows 7, Vista, XP\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue exists in WebKit's handling\r\nof CSS format() arguments. Visiting a maliciously crafted website may\r\nlead to an unexpected application termination or arbitrary code\r\nexecution. This issue is addressed through improved handling of CSS\r\nformat() arguments. Credit to Robert Swiecki of Google Inc. for\r\nreporting this issue.'",
"evaluatorSolution": "Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html\r\n\r\n'Safari 4.0.5 is available via the Apple Software Update application,\r\nor Apple's Safari download site at:\r\nhttp://www.apple.com/safari/download/'",
"descriptions": [
{
"lang": "en",
"value": "The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de CSS (hojas de estilo en cascada) en WebKit de Apple Safari en versiones anteriores a la v4.0.5 permite a usuarios remotos ejecutar comandos de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s argumentos de formato modificados."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.0.4",
"matchCriteriaId": "B1816CD6-0159-4684-A54D-94866D3FE570"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html",
"source": "product-security@apple.com"
},
{
"url": "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html",
"source": "product-security@apple.com"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html",
"source": "product-security@apple.com"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html",
"source": "product-security@apple.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html",
"source": "product-security@apple.com"
},
{
"url": "http://secunia.com/advisories/41856",
"source": "product-security@apple.com"
},
{
"url": "http://secunia.com/advisories/43068",
"source": "product-security@apple.com"
},
{
"url": "http://support.apple.com/kb/HT4070",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://support.apple.com/kb/HT4225",
"source": "product-security@apple.com"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039",
"source": "product-security@apple.com"
},
{
"url": "http://www.securityfocus.com/bid/38671",
"source": "product-security@apple.com",
"tags": [
"Patch"
]
},
{
"url": "http://www.securitytracker.com/id?1023708",
"source": "product-security@apple.com"
},
{
"url": "http://www.ubuntu.com/usn/USN-1006-1",
"source": "product-security@apple.com"
},
{
"url": "http://www.vupen.com/english/advisories/2010/2722",
"source": "product-security@apple.com"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0212",
"source": "product-security@apple.com"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0552",
"source": "product-security@apple.com"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7053",
"source": "product-security@apple.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink