CVE-2010-3257: Use After Free
First published: Tue Sep 07 2010(Updated: )
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Chrome | <6.0.472.53 | |
| WebKitGTK WebKitGTK | <1.2.6 | |
| Apple iPhone OS | <4.2 | |
| Apple Safari | <4.1.3 | |
| Apple Safari | >=5.0<5.0.3 | |
| Canonical Ubuntu Linux | =10.10 | |
| Canonical Ubuntu Linux | =9.10 | |
| Canonical Ubuntu Linux | =10.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://code.google.com/p/chromium/issues/detail?id=52443
- http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html
- http://www.ubuntu.com/usn/USN-1006-1
- http://secunia.com/advisories/41856
- http://www.vupen.com/english/advisories/2010/2722
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
- http://support.apple.com/kb/HT4455
- http://support.apple.com/kb/HT4456
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
- http://www.vupen.com/english/advisories/2010/3046
- http://secunia.com/advisories/42314
- http://www.securityfocus.com/bid/44204
- http://secunia.com/advisories/43086
- http://www.vupen.com/english/advisories/2011/0216
- http://secunia.com/advisories/43068
- http://www.vupen.com/english/advisories/2011/0212
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
- http://www.redhat.com/support/errata/RHSA-2011-0177.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
- http://www.vupen.com/english/advisories/2011/0552
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12138
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/google
- canonical/google chrome
- vendor/webkitgtk
- canonical/webkitgtk webkitgtk
- vendor/apple
- canonical/apple iphone os
- canonical/apple safari
- version/apple safari/5.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/10.10
- version/canonical ubuntu linux/9.10
- version/canonical ubuntu linux/10.04