WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.
Max CVSS
9.3
EPSS Score
92.22%
Published
2010-09-10
Updated
2017-09-19
1 vulnerabilities found