CVE-2010-3116

CVE Details

Release Date:2010-08-24
Impact:Moderate What is this?

Description


Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins.

See more information about CVE-2010-3116 from MITRE CVE dictionary and NIST NVD


NOTE: The following CVSS metrics and score provided are preliminary and subject to review.


CVSS v2 metrics

Base Score: 10.0
Vector String: AV:N/AC:L/Au:N/C:C/I:C/A:C
Version: 2.0
Attack Vector: Network
Attack Complexity: Low
Authentication: None
Confidentiality Impact: Complete
Integrity Impact: Complete
Availability Impact: Complete

Errata information


PlatformErrataRelease Date
Oracle Linux version 6 (webkitgtk)ELSA-2011-01772011-02-10


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete