What is the severity of CVE-2010-1402?

CVE-2010-1402 is rated with a high severity due to the potential for remote code execution and denial of service.

How do I fix CVE-2010-1402?

To fix CVE-2010-1402, update Apple Safari to version 5.0 or later on affected operating systems.

Which software versions are affected by CVE-2010-1402?

CVE-2010-1402 affects Apple Safari versions before 5.0 and WebKit on specified versions of Mac OS X and Windows.

What types of attacks can exploit CVE-2010-1402?

CVE-2010-1402 can be exploited through specially crafted SVG documents that lead to arbitrary code execution or application crashes.

Is CVE-2010-1402 specific to any operating system?

CVE-2010-1402 impacts both Mac OS X versions 10.4 to 10.6 and Windows systems running affected versions of Safari.

Vulnerability/
CVE-2010-1402

critical

9.3

CWE

399 415

11/6/2010

7/8/2024

CVE-2010-1402: Double Free

First published: Fri Jun 11 2010(Updated: )

Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to an event listener in an SVG document, related to duplicate event listeners, a timer, and an AnimateTransform object.

Credit: product-security@apple.com

Affected Software	Affected Version	How to fix
Apple Safari	<=4.0.5
Apple Safari	=4.0
Apple Safari	=4.0.0b
Apple Safari	=4.0.1
Apple Safari	=4.0.2
Apple Safari	=4.0.3
Apple Safari	=4.0.4
Apple Webkit
macOS Yosemite	=10.5
macOS Yosemite	=10.5.0
macOS Yosemite	=10.5.1
macOS Yosemite	=10.5.2
macOS Yosemite	=10.5.3
macOS Yosemite	=10.5.4
macOS Yosemite	=10.5.5
macOS Yosemite	=10.5.6
macOS Yosemite	=10.5.7
macOS Yosemite	=10.5.8
macOS Yosemite	=10.6.0
macOS Yosemite	=10.6.1
macOS Yosemite	=10.6.2
macOS Yosemite	=10.6.3
Apple Mac OS X Server	=10.5
Apple Mac OS X Server	=10.5.0
Apple Mac OS X Server	=10.5.1
Apple Mac OS X Server	=10.5.2
Apple Mac OS X Server	=10.5.3
Apple Mac OS X Server	=10.5.4
Apple Mac OS X Server	=10.5.5
Apple Mac OS X Server	=10.5.6
Apple Mac OS X Server	=10.5.7
Apple Mac OS X Server	=10.5.8
Apple Mac OS X Server	=10.6.0
Apple Mac OS X Server	=10.6.1
Apple Mac OS X Server	=10.6.2
Apple Mac OS X Server	=10.6.3
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows XP	=sp2
Microsoft Windows XP	=sp3
macOS Yosemite	=10.4
macOS Yosemite	=10.4.0
macOS Yosemite	=10.4.1
macOS Yosemite	=10.4.2
macOS Yosemite	=10.4.3
macOS Yosemite	=10.4.4
macOS Yosemite	=10.4.5
macOS Yosemite	=10.4.6
macOS Yosemite	=10.4.7
macOS Yosemite	=10.4.8
macOS Yosemite	=10.4.9
macOS Yosemite	=10.4.10
macOS Yosemite	=10.4.11
Apple Mac OS X Server	=10.4
Apple Mac OS X Server	=10.4.0
Apple Mac OS X Server	=10.4.1
Apple Mac OS X Server	=10.4.2
Apple Mac OS X Server	=10.4.3
Apple Mac OS X Server	=10.4.4
Apple Mac OS X Server	=10.4.5
Apple Mac OS X Server	=10.4.6
Apple Mac OS X Server	=10.4.7
Apple Mac OS X Server	=10.4.8
Apple Mac OS X Server	=10.4.9
Apple Mac OS X Server	=10.4.10
Apple Mac OS X Server	=10.4.11

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-1402?
CVE-2010-1402 is rated with a high severity due to the potential for remote code execution and denial of service.
How do I fix CVE-2010-1402?
To fix CVE-2010-1402, update Apple Safari to version 5.0 or later on affected operating systems.
Which software versions are affected by CVE-2010-1402?
CVE-2010-1402 affects Apple Safari versions before 5.0 and WebKit on specified versions of Mac OS X and Windows.
What types of attacks can exploit CVE-2010-1402?
CVE-2010-1402 can be exploited through specially crafted SVG documents that lead to arbitrary code execution or application crashes.
Is CVE-2010-1402 specific to any operating system?
CVE-2010-1402 impacts both Mac OS X versions 10.4 to 10.6 and Windows systems running affected versions of Safari.

collector/nvd-historical
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/references
agent/author
agent/weakness
agent/remedy
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/apple
canonical/apple safari
version/apple safari/4.0.5
version/apple safari/4.0
version/apple safari/4.0.0b
version/apple safari/4.0.1
version/apple safari/4.0.2
version/apple safari/4.0.3
version/apple safari/4.0.4
canonical/apple webkit
canonical/macos yosemite
version/macos yosemite/10.5
version/macos yosemite/10.5.0
version/macos yosemite/10.5.1
version/macos yosemite/10.5.2
version/macos yosemite/10.5.3
version/macos yosemite/10.5.4
version/macos yosemite/10.5.5
version/macos yosemite/10.5.6
version/macos yosemite/10.5.7
version/macos yosemite/10.5.8
version/macos yosemite/10.6.0
version/macos yosemite/10.6.1
version/macos yosemite/10.6.2
version/macos yosemite/10.6.3
canonical/apple mac os x server
version/apple mac os x server/10.5
version/apple mac os x server/10.5.0
version/apple mac os x server/10.5.1
version/apple mac os x server/10.5.2
version/apple mac os x server/10.5.3
version/apple mac os x server/10.5.4
version/apple mac os x server/10.5.5
version/apple mac os x server/10.5.6
version/apple mac os x server/10.5.7
version/apple mac os x server/10.5.8
version/apple mac os x server/10.6.0
version/apple mac os x server/10.6.1
version/apple mac os x server/10.6.2
version/apple mac os x server/10.6.3
vendor/microsoft
canonical/microsoft windows 7
canonical/microsoft windows vista
canonical/microsoft windows xp
version/microsoft windows xp/sp2
version/microsoft windows xp/sp3
version/macos yosemite/10.4
version/macos yosemite/10.4.0
version/macos yosemite/10.4.1
version/macos yosemite/10.4.2
version/macos yosemite/10.4.3
version/macos yosemite/10.4.4
version/macos yosemite/10.4.5
version/macos yosemite/10.4.6
version/macos yosemite/10.4.7
version/macos yosemite/10.4.8
version/macos yosemite/10.4.9
version/macos yosemite/10.4.10
version/macos yosemite/10.4.11
version/apple mac os x server/10.4
version/apple mac os x server/10.4.0
version/apple mac os x server/10.4.1
version/apple mac os x server/10.4.2
version/apple mac os x server/10.4.3
version/apple mac os x server/10.4.4
version/apple mac os x server/10.4.5
version/apple mac os x server/10.4.6
version/apple mac os x server/10.4.7
version/apple mac os x server/10.4.8
version/apple mac os x server/10.4.9
version/apple mac os x server/10.4.10
version/apple mac os x server/10.4.11

CVE-2010-1402: Double Free

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-1402?

How do I fix CVE-2010-1402?

Which software versions are affected by CVE-2010-1402?

What types of attacks can exploit CVE-2010-1402?

Is CVE-2010-1402 specific to any operating system?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2010-1402?

How do I fix CVE-2010-1402?

Which software versions are affected by CVE-2010-1402?

What types of attacks can exploit CVE-2010-1402?

Is CVE-2010-1402 specific to any operating system?