CVE-2010-1387

 

Published at: - 18-06-2010 06:30

Last modified: - 02-09-2022 03:42

Total changes: - 3

Description

Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:C/I:C/A:C

 

Verification logic

 

Reference

• 1024108-
• APPLE-SA-2010-06-16-1-Vendor Advisory
• http://support.apple.com/kb/HT4220
• ADV-2010-1512-Vendor Advisory
• APPLE-SA-2010-06-21-1-Vendor Advisory
• 40196-Vendor Advisory
• http://support.apple.com/kb/HT4225
• 41016-
• ADV-2010-2722-Vendor Advisory
• 41856-Vendor Advisory
• USN-1006-1-
• APPLE-SA-2010-11-22-1-Vendor Advisory
• http://support.apple.com/kb/HT4456
• 42314-Vendor Advisory
• 43068-Vendor Advisory
• SUSE-SR:2011:002-
• ADV-2011-0212-Vendor Advisory
• MDVSA-2011:039-
• ADV-2011-0552-Vendor Advisory
• itunes-webkit-unspecified-var1(59506)-
• oval:org.mitre.oval:def:7061-

 

Keywords

NVD

 

CVE-2010-1387

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures