Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20019
HistoryAug 10, 2010 - 12:00 a.m.

Apple Safari Webkit SVG First-Letter样式远程代码执行漏洞

2010-08-1000:00:00
Root
www.seebug.org
17

EPSS

0.104

Percentile

95.0%

JSON

BUGTRAQ ID: 42037
CVE ID: CVE-2010-1785

Safari是苹果家族机器操作系统中默认捆绑的WEB浏览器。

Safari的Webkit没有正确地实现SVG文本元素上下文中的first-letter样式,在将该样式应用到这个元素时首先会计算高度以判断 inline box的溢出。在遍历高度元素时,函数库会使用来自不存在linebox的数据。成功攻击会导致执行任意代码。

Apple Safari 5.x
Apple Safari 4.x
厂商补丁:

Apple

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.apple.com/safari/download/

Related

cvelist 1
debiancve 1
veracode 1
cve 1
zdi 1
prion 1
nvd 1
ubuntucve 1
securityvulns 3
nessus 18
openvas 23
freebsd 1
oraclelinux 1
redhat 1
fedora 6
gentoo 1
cvelist
cvelist
CVE-2010-1785
2010-07-30 20:00:00
debiancve
debiancve
CVE-2010-1785
2010-07-30 20:30:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:53:15
cve
cve
CVE-2010-1785
2010-07-30 20:30:02
zdi
zdi
Apple Webkit SVG First-Letter Style Remote Code Execution Vulnerability
2010-08-05 00:00:00
prion
prion
Code injection
2010-07-30 20:30:00
nvd
nvd
CVE-2010-1785
2010-07-30 20:30:02
ubuntucve
ubuntucve
CVE-2010-1785
2010-07-30 00:00:00
securityvulns
securityvulns
ZDI-10-142: Apple Webkit SVG First-Letter Style Remote Code Execution Vulnerability
2010-08-08 00:00:00
Apple Webkit / Safari multiple security vulnerabilities
2010-08-14 00:00:00
About the security content of Safari 5.0.1 and Safari 4.1.1
2010-08-08 00:00:00
nessus
nessus
openSUSE Security Update : libwebkit (openSUSE-SU-2010:0666-1)
2014-06-13 00:00:00
Safari < 4.1.1 / 5.0.1 Multiple Vulnerabilities
2010-07-28 00:00:00
Safari < 4.1.1 / 5.0.1 Multiple Vulnerabilities
2010-07-28 00:00:00
openvas
openvas
FreeBSD Ports: webkit-gtk2
2010-10-10 00:00:00
FreeBSD Ports: webkit-gtk2
2010-10-10 00:00:00
Apple Safari Multiple Vulnerabilities (Jul 2010)
2010-08-02 00:00:00
freebsd
freebsd
webkit-gtk2 -- Multiple vulnerabilities
2010-09-07 00:00:00
oraclelinux
oraclelinux
webkitgtk security update
2011-02-10 00:00:00
redhat
redhat
(RHSA-2011:0177) Moderate: webkitgtk security update
2011-01-25 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: webkitgtk-1.2.4-1.fc12
2010-09-21 01:43:18
[SECURITY] Fedora 13 Update: webkitgtk-1.2.4-1.fc13
2010-09-15 05:40:48
[SECURITY] Fedora 13 Update: webkitgtk-1.2.5-1.fc13
2010-10-19 07:21:56
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2011
2014-12-11 00:00:00

EPSS

0.104

Percentile

95.0%

JSON
Related for SSV:20019
cvelist1debiancve1veracode1cve1zdi1prion1nvd1ubuntucve1securityvulns3nessus18openvas23freebsd1oraclelinux1redhat1fedora6gentoo1