CVE-2010-3116

Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins.
References
Link Resource
http://code.google.com/p/chromium/issues/detail?id=50515 Permissions Required
http://code.google.com/p/chromium/issues/detail?id=51835 Permissions Required
http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html Vendor Advisory
http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html Mailing List Third Party Advisory
http://secunia.com/advisories/41856 Third Party Advisory
http://secunia.com/advisories/42314 Third Party Advisory
http://secunia.com/advisories/43068 Third Party Advisory
http://secunia.com/advisories/43086 Third Party Advisory
http://support.apple.com/kb/HT4455 Third Party Advisory
http://support.apple.com/kb/HT4456 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0177.html Third Party Advisory
http://www.securityfocus.com/bid/44200 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-1006-1 Third Party Advisory
http://www.vupen.com/english/advisories/2010/2722 Third Party Advisory
http://www.vupen.com/english/advisories/2010/3046 Third Party Advisory
http://www.vupen.com/english/advisories/2011/0212 Third Party Advisory
http://www.vupen.com/english/advisories/2011/0216 Third Party Advisory
http://www.vupen.com/english/advisories/2011/0552 Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11909 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-08-24 20:00

Updated : 2023-12-10 11:03


NVD link : CVE-2010-3116

Mitre link : CVE-2010-3116

CVE.ORG link : CVE-2010-3116


JSON object : View

Products Affected

apple

  • iphone_os
  • safari

google

  • chrome

webkitgtk

  • webkitgtk

canonical

  • ubuntu_linux
CWE
CWE-416

Use After Free