Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Informations | |||
|---|---|---|---|
| Name | CVE-2010-1791 | First vendor Publication | 2010-07-30 |
| Vendor | Cve | Last vendor Modification | 2017-09-19 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1791 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11802 | |||
| Oval ID: | oval:org.mitre.oval:def:11802 | ||
| Title: | Integer signedness error in WebKit in Apple Safari before 5.0.1 related to vectors involving a JavaScript array index. | ||
| Description: | Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1791 | Version: | 11 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-03-07 | Name : Mandriva Update for webkit MDVSA-2011:039 (webkit) File : nvt/gb_mandriva_MDVSA_2011_039.nasl |
| 2011-02-18 | Name : Fedora Update for webkitgtk FEDORA-2011-1224 File : nvt/gb_fedora_2011_1224_webkitgtk_fc13.nasl |
| 2011-01-24 | Name : FreeBSD Ports: webkit-gtk2 File : nvt/freebsd_webkit-gtk22.nasl |
| 2011-01-11 | Name : Fedora Update for webkitgtk FEDORA-2011-0121 File : nvt/gb_fedora_2011_0121_webkitgtk_fc13.nasl |
| 2010-08-02 | Name : Apple Safari Multiple Vulnerabilities - July 10 File : nvt/secpod_apple_safari_mult_vuln_jul10.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 66855 | Apple Safari Webkit JavaScript Array Index Integer Signedness Arbitrary Code ... Apple Safari Webkit contains an integer signedness flaw related to WebKit's handling of JavaScript arrays. The issue is triggered when visiting a maliciously crafted website. This may allow a context-dependent attacker to execute arbitrary code. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-09.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libwebkit-110104.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libwebkit-110111.nasl - Type : ACT_GATHER_INFO |
| 2011-03-03 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-039.nasl - Type : ACT_GATHER_INFO |
| 2011-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1224.nasl - Type : ACT_GATHER_INFO |
| 2011-01-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0121.nasl - Type : ACT_GATHER_INFO |
| 2011-01-03 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_06a12e26142e11e0bea20015f2db7bde.nasl - Type : ACT_GATHER_INFO |
| 2010-09-02 | Name : The remote host contains an application that has multiple vulnerabilities. File : itunes_10_0.nasl - Type : ACT_GATHER_INFO |
| 2010-09-02 | Name : The remote host contains a multimedia application that has multiple vulnerabi... File : itunes_10_0_banner.nasl - Type : ACT_GATHER_INFO |
| 2010-07-28 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari5_0_1.nasl - Type : ACT_GATHER_INFO |
| 2010-07-28 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_5_0_1.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2021-04-10 12:06:22 |
|
| 2020-05-23 01:42:05 |
|
| 2020-05-23 00:25:48 |
|
| 2017-11-29 12:03:22 |
|
| 2017-11-23 12:03:24 |
|
| 2017-09-19 09:23:47 |
|
| 2016-06-28 18:10:43 |
|
| 2016-04-26 19:48:28 |
|
| 2014-12-16 13:24:37 |
|
| 2014-06-14 13:28:45 |
|
| 2014-02-17 10:55:21 |
|
| 2013-05-10 23:24:49 |
|
