Vulnerabilities > CVE-2010-1939 - Resource Management Errors vulnerability in Apple Safari 4.0.5
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows remote attackers to execute arbitrary code by using window.open to create a popup window for a crafted HTML document, and then calling the parent window's close method, which triggers improper handling of a deleted window object. CWE-416 'Use After Free' http://cwe.mitre.org/data/definitions/416.html
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description Safari 4.0.5 parent.close() Memory Corruption exploit (w/ASLR and DEP bypass). CVE-2010-1939. Remote exploit for windows platform id EDB-ID:12614 last seen 2016-02-01 modified 2010-05-15 published 2010-05-15 reporter Alexey Sintsov source https://www.exploit-db.com/download/12614/ title Safari 4.0.5 - parent.close Memory Corruption Exploit ASLR and DEP bypass description Apple Safari 4.0.5 parent.close() (memory corruption) 0day Code Execution Exploit. CVE-2010-1939. Remote exploit for windows platform id EDB-ID:12573 last seen 2016-02-01 modified 2010-05-11 published 2010-05-11 reporter Krystian Kloskowski source https://www.exploit-db.com/download/12573/ title Apple Safari 4.0.5 - parent.close memory corruption Code Execution Exploit 0day
Oval
| accepted | 2013-11-11T04:02:17.798-05:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| definition_extensions |
| ||||||||||||
| description | Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows remote attackers to execute arbitrary code by using window.open to create a popup window for a crafted HTML document, and then calling the parent window's close method, which triggers improper handling of a deleted window object. | ||||||||||||
| family | windows | ||||||||||||
| id | oval:org.mitre.oval:def:6748 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2010-05-17T03:34:03 | ||||||||||||
| title | Use-after-free vulnerability in Apple Safari 4.0.5 | ||||||||||||
| version | 10 |
Saint
| bid | 39990 |
| description | Apple Safari parent.close() Invalid Pointer Code Execution |
| id | web_client_safari |
| osvdb | 64482 |
| title | safari_parent_close_invalid_pointer |
| type | client |
References
- http://h07.w.interia.pl/Safari.rar
- http://reviews.cnet.com/8301-13727_7-20004709-263.html
- http://secunia.com/advisories/39670
- http://securitytracker.com/id?1023958
- http://www.kb.cert.org/vuls/id/943165
- http://www.osvdb.org/64482
- http://www.securityfocus.com/bid/39990
- http://www.vupen.com/english/advisories/2010/1097
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6748