Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Apple WebKit / Safari
Опубликовано:14 сентября 2010 г.
Источник:
SecurityVulns ID:11137
Тип:удаленная
Уровень опасности:
7/10
Описание:Выполнение кода, повреждения памяти.
Затронутые продукты:APPLE : Safari 5.0
 APPLE : Safari 4.1
CVE:CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.)
 CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via run-in styling in an element, related to object pointers.)
 CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari.)
Оригинальный текстdocumentZDI, ZDI-10-170: Apple Safari Webkit Runin Remote Code Execution Vulnerability (14.09.2010)
 documentAPPLE, About the security content of Safari 5.0.2 and Safari 4.1.2 (14.09.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород