Security Advisory

CVE-2010-1119

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-03-25 20:31:00

Last updated 2024-08-07 01:14:05

Assigner mitre

State PUBLISHED

Description

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010.

← Browse all CVEs View on cve.org ↗