Vulnerabilities > CVE-2010-1750 - Resource Management Errors vulnerability in Apple Safari

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
apple
microsoft
CWE-399
critical
nessus

Summary

Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management.

Common Weakness Enumeration (CWE)

Nessus

NASL familyWindows
NASL idSAFARI_5_0.NASL
descriptionThe version of Safari installed on the remote Windows host is earlier than 5.0. As such, it is potentially affected by numerous issues in the following components : - ColorSync - Safari - WebKit
last seen2020-06-01
modified2020-06-02
plugin id46838
published2010-06-08
reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/46838
titleSafari < 5.0 Multiple Vulnerabilities

Oval

accepted2013-12-30T04:01:04.276-05:00
classvulnerability
contributors
  • nameJ. Daniel Brown
    organizationDTCC
  • namePreeti Subramanian
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
definition_extensions
commentApple Safari is installed
ovaloval:org.mitre.oval:def:6325
descriptionUse-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management.
familywindows
idoval:org.mitre.oval:def:7143
statusaccepted
submitted2010-06-08T17:30:00.000-05:00
titleApple Safari Window Management Vulnerability
version14