CVE-2010-0049
published 2010-03-15CVE-2010-0049: Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application…
PriorityP347critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
10.94%
95.3th percentile
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | safari | <= 4.0.4 | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat9.3CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
webkitgtk: multiple security vulnerabilities in WebKit
vendor_redhat·2010-03-11·CVSS 9.3
CVE-2010-0049 [CRITICAL] webkitgtk: multiple security vulnerabilities in WebKit
webkitgtk: multiple security vulnerabilities in WebKit
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality.
GHSA
GHSA-rv98-p9rj-2p37: Use-after-free vulnerability in WebKit in Apple Safari before 4
ghsa_unreviewed·2022-05-02
CVE-2010-0049 [HIGH] GHSA-rv98-p9rj-2p37: Use-after-free vulnerability in WebKit in Apple Safari before 4
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality.
No detection rules found.
Talos
Rule release for today - March 23rd, 2010
blogs_talos·2010-03-23·CVSS 9.3
CVE-2010-0049 [CRITICAL] Rule release for today - March 23rd, 2010
Apple Safari RCE (CVE-2010-0049):
Apple Safari contains a programming error that may allow a remote atttacker to execute code on an affected system. The issue presents itself when the browser fails to properly process certain HTML elements concerning RTL text.
Additionally, as a result of ongoing research, the Sourcefire VRT has added multiple rules to the specific-threats and netbios rule sets to provide coverage for emerging threats from these technologies.
Check out the changelogs here: http://www.snort.org/vrt/advisories/2010/03/23/vrt-rules-2010-03-23.html
Talos
Rule release for today - March 23rd, 2010
blogs_talos·2010-03-23·CVSS 9.3
CVE-2010-0049 [CRITICAL] Rule release for today - March 23rd, 2010
## Rule release for today - March 23rd, 2010
Apple Safari RCE (CVE-2010-0049): Apple Safari contains a programming error that may allow a remote atttacker to execute code on an affected system. The issue presents itself when the browser fails to properly process certain HTML elements concerning RTL text.
Additionally, as a result of ongoing research, the Sourcefire VRT has added multiple rules to the specific-threats and netbios rule sets to provide coverage for emerging threats from these technologies.
Check out the changelogs here: http://www.snort.org/vrt/advisories/2010/03/23/vrt-rules-2010-03-23.html
Bugzilla
CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054 qt, webkitgtk: multiple security vulnerabilities in WebKit
bugzilla·2010-03-03·CVSS 9.3
CVE-2010-0046 [CRITICAL] CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054 qt, webkitgtk: multiple security vulnerabilities in WebKit
CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054 qt, webkitgtk: multiple security vulnerabilities in WebKit
A number of security vulnerabilities were reported in WebKit:
CVE-2010-0046: CSS format() argument memory corruption
https://bugs.webkit.org/show_bug.cgi?id=31815
http://trac.webkit.org/changeset/51727
CSS format() arguments were always treated as strings, which could result
in a crash or arbitrary code execution if an integer or other unexpected
type was used instead.
CVE-2010-0047: Call-after-free in HTMLObjectElement::renderFallBackContent (ZDI-CAN-579)
https://bugs.webkit.org/show_bug.cgi?id=31277
http://trac.webkit.org/changeset/50698
Changes to the style of an OBJECT element resulted in the creation of
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=863http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.htmlhttp://lists.apple.com/archives/security-announce/2010/Mar/msg00000.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://osvdb.org/62942http://secunia.com/advisories/41856http://secunia.com/advisories/43068http://support.apple.com/kb/HT4070http://support.apple.com/kb/HT4225http://www.mandriva.com/security/advisories?name=MDVSA-2011:039http://www.securityfocus.com/bid/38671http://www.securitytracker.com/id?1023708http://www.ubuntu.com/usn/USN-1006-1http://www.vupen.com/english/advisories/2010/2722http://www.vupen.com/english/advisories/2011/0212http://www.vupen.com/english/advisories/2011/0552https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6810http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=863http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.htmlhttp://lists.apple.com/archives/security-announce/2010/Mar/msg00000.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://osvdb.org/62942http://secunia.com/advisories/41856http://secunia.com/advisories/43068http://support.apple.com/kb/HT4070http://support.apple.com/kb/HT4225http://www.mandriva.com/security/advisories?name=MDVSA-2011:039http://www.securityfocus.com/bid/38671http://www.securitytracker.com/id?1023708http://www.ubuntu.com/usn/USN-1006-1http://www.vupen.com/english/advisories/2010/2722http://www.vupen.com/english/advisories/2011/0212http://www.vupen.com/english/advisories/2011/0552https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6810
2010-03-15
Published