Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveAppleCVE-2010-0041
HistoryMar 15, 2010 - 1:28 p.m.

CVE-2010-0041

2010-03-1513:28:25
CWE-200
apple
web.nvd.nist.gov
32
cve-2010-0041
imageio
apple safari
itunes
windows
memory access
vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

7.8

Confidence

High

EPSS

0.005

Percentile

76.8%

JSON

ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted BMP image.

Affected configurations

Nvd
Node
applesafariRange4.0.4
OR
applesafariMatch4.0
OR
applesafariMatch4.0.0b
OR
applesafariMatch4.0.1
OR
applesafariMatch4.0.2
OR
applesafariMatch4.0.3
AND
microsoftwindows
VendorProductVersionCPE
applesafari*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
applesafari4.0cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*
applesafari4.0.0bcpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*
applesafari4.0.1cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*
applesafari4.0.2cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*
applesafari4.0.3cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Related

prion 1
nvd 1
cvelist 1
nessus 7
securityvulns 2
openvas 4
threatpost 1
prion
prion
Design/Logic Flaw
2010-03-15 13:28:00
nvd
nvd
CVE-2010-0041
2010-03-15 13:28:25
cvelist
cvelist
CVE-2010-0041
2010-03-12 20:00:00
nessus
nessus
Apple iTunes < 9.1 Multiple Vulnerabilities (credentialed check)
2010-03-31 00:00:00
iTunes < 9.1 Multiple Vulnerabilities
2010-03-31 00:00:00
Apple iTunes < 9.1 Multiple Vulnerabilities (uncredentialed check)
2010-03-31 00:00:00
securityvulns
securityvulns
Apple iTunes multiple security uvlnerabilities
2010-08-19 00:00:00
About the security content of iTunes 9.1
2010-08-19 00:00:00
openvas
openvas
Apple Safari Webkit Multiple Vulnerabilities
2010-03-18 00:00:00
Apple Safari Webkit Multiple Vulnerabilities
2010-03-18 00:00:00
Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
2010-05-12 00:00:00
threatpost
threatpost
Apple Mega Patch Covers 88 Mac OS X Vulnerabilities
2010-03-29 17:15:44

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

7.8

Confidence

High

EPSS

0.005

Percentile

76.8%

JSON
Related for CVE-2010-0041
prion1nvd1cvelist1nessus7securityvulns2openvas4threatpost1