CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
96.8%
The remote host has Safari installed.
Versions of Safari earlier than 4.1.1 / 5.0.1 are potentially affected by multiple vulnerabilities :
Safari’s AutoFill feature may disclose information to websites without user interaction. (CVE-2010-1796)
A use after free issue exists in WebKit’s handling of element focus may lead to an application crash or arbitrary code execution. (CVE-2010-1780)
A memory corruption issue exists in WebKit’s rendering of inline elements . (CVE-2010-1782)
A memory corruption issue exists in WebKit’s handling of dynamic modifications to text nodes .
A memory corruption issue exists in WebKit’s handling of CSS counters . (CVE-2010-1784)
An uninitialized memory access issue exists in WebKit’s handling of the ‘:first-letter’ and ‘:first-line’ pseudo-elements in SVG text elements . (CVE-2010-1785)
A use after free issue exists in WebKit’s handling of foreignObject elements in SVG documents. (CVE-2010-1786)
A memory corruption issue exists in WebKit’s handling of floating elements in SVG documents. (CVE-2010-1787)
A memory corruption issue exists in WebKit’s handling of ‘use’ elements in SVG documents. (CVE-2010-1788)
A heap buffer overflow exist sin WebKit’s handling of JavaScript string objects. (CVE-2010-1789)
A re-entrancy issue exists in WebKit’s handling of just-in-time compiled JavaScript stubs. (CVE-2010-1790)
A signedness issue exists in WebKit’s handling of JavaScript arrays. (CVE-2010-1791)
A memory corruption issue exists in WebKit’s handling of regular expressions. (CVE-2010-1792)
A use after free issue exists in WebKit’s handling of ‘font-face’ and ‘use’ elements in SVG documents. (CVE-2010-1793)
Binary data 801006.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1778
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1780
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1782
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1783
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1784
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1785
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1786
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1787
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1788
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1789
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1790
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1791
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1792
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1793
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1796
lists.apple.com/archives/security-announce/2010/Jul/msg00001.html
support.apple.com/kb/HT4276