CyberSec.Space Logo
CVEブラウザに戻る

CVE-2010-3116

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0390%
EPSS Percentile39.37th
Published2010年8月24日
Last Modified2026年4月29日

Vulnerability Description

Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins.

Affected Platforms (CPE)

📦
Google

Chrome

< 5.0.375.127
📦
Apple

Safari

< 4.1.3
📦
Apple

Safari

>= 5.0 and < 5.0.3
💻
Apple

Iphone Os

< 4.2
📦
Webkitgtk

Webkitgtk

< 1.2.6
💻
Canonical

Ubuntu Linux

= 9.10
💻
Canonical

Ubuntu Linux

= 10.04
💻
Canonical

Ubuntu Linux

= 10.10

References & Advisories

🔗 http://code.google.com/p/chromium/issues/detail?id=50515
🔗 http://code.google.com/p/chromium/issues/detail?id=51835
🔗 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
🔗 http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
🔗 http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
🔗 http://secunia.com/advisories/41856
🔗 http://secunia.com/advisories/42314

関連する脆弱性情報

CVE-2004-076410.0

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "c...

CVE-2009-247110.0

The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers...

CVE-2021-3397010.0

Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate priveleges.

CVE-2009-266510.0

The nsDocument::SetScriptGlobalObject function in content/base/src/nsDocument.cpp in Mozilla Firefox 3.5.x before 3.5.2, when cert...