CyberSec.Space Logo
Back to CVE Browser

CVE-2010-3116

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0390%
EPSS Percentile39.37th
PublishedAug 24, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins.

Affected Platforms (CPE)

πŸ“¦
Google

Chrome

< 5.0.375.127
πŸ“¦
Apple

Safari

< 4.1.3
πŸ“¦
Apple

Safari

>= 5.0 and < 5.0.3
πŸ’»
Apple

Iphone Os

< 4.2
πŸ“¦
Webkitgtk

Webkitgtk

< 1.2.6
πŸ’»
Canonical

Ubuntu Linux

= 9.10
πŸ’»
Canonical

Ubuntu Linux

= 10.04
πŸ’»
Canonical

Ubuntu Linux

= 10.10

References & Advisories

πŸ”— http://code.google.com/p/chromium/issues/detail?id=50515
πŸ”— http://code.google.com/p/chromium/issues/detail?id=51835
πŸ”— http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
πŸ”— http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
πŸ”— http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
πŸ”— http://secunia.com/advisories/41856
πŸ”— http://secunia.com/advisories/42314

Related Vulnerabilities

CVE-2004-076410.0

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "c...

CVE-2009-247110.0

The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers...

CVE-2021-3397010.0

Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate priveleges.

CVE-2009-266510.0

The nsDocument::SetScriptGlobalObject function in content/base/src/nsDocument.cpp in Mozilla Firefox 3.5.x before 3.5.2, when cert...