CVE-2010-1120Code Injection in Apple Safari

CWE-94Code Injection4 documents3 sources
Severity
10.0CRITICALNVD
EPSS
3.0%
top 13.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Safari
Timeline
PublishedMar 25
Latest updateMay 2

Description

Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Charlie Miller during a Pwn2Own competition at CanSecWest 2010.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDapple/safari4.0

🔴Vulnerability Details

1
GHSA
GHSA-j738-8h8q-6x25: Unspecified vulnerability in Safari 4 on Apple Mac OS X 102022-05-02

💥Exploits & PoCs

2
Exploit-DB
Savant Web Server 3.1 - Remote Overflow (Metasploit)2010-10-04
Exploit-DB
Microsoft Movie Maker - Remote Code Execution (MS10-016)2010-09-04