Apple : Security Vulnerabilities, CVEs, Published In June 2010 (Memory corruption)
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving fonts.
Max CVSS
9.3
EPSS Score
10.38%
Published
2010-06-11
Updated
2017-09-19
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue."
Max CVSS
9.3
EPSS Score
96.47%
Published
2010-06-11
Updated
2020-08-07
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML document subtrees.
Max CVSS
9.3
EPSS Score
13.98%
Published
2010-06-11
Updated
2017-09-19
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Node.normalize method.
Max CVSS
9.3
EPSS Score
13.98%
Published
2010-06-11
Updated
2017-09-19
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving DOM Range objects.
Max CVSS
9.3
EPSS Score
10.38%
Published
2010-06-11
Updated
2017-09-19
ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image.
Max CVSS
6.8
EPSS Score
0.77%
Published
2010-06-22
Updated
2022-08-09
Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management.
Max CVSS
9.3
EPSS Score
2.80%
Published
2010-06-11
Updated
2017-09-19
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Cascading Style Sheets (CSS) run-in property and multiple invocations of a destructor for a child element that has been referenced multiple times.
Max CVSS
9.3
EPSS Score
9.11%
Published
2010-06-11
Updated
2018-10-10
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a certain window close action that occurs during a drag-and-drop operation.
Max CVSS
9.3
EPSS Score
18.52%
Published
2010-06-11
Updated
2017-09-19
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via HTML content that contains multiple :after pseudo-selectors.
Max CVSS
9.3
EPSS Score
4.58%
Published
2010-06-11
Updated
2017-09-19
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the removeChild DOM method.
Max CVSS
9.3
EPSS Score
10.38%
Published
2010-06-11
Updated
2017-09-19
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to hover events.
Max CVSS
9.3
EPSS Score
18.52%
Published
2010-06-11
Updated
2017-09-19
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an SVG document with nested use elements.
Max CVSS
9.3
EPSS Score
4.58%
Published
2010-06-11
Updated
2017-09-19
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML element that has custom vertical positioning.
Max CVSS
9.3
EPSS Score
10.38%
Published
2010-06-11
Updated
2017-09-19
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG document that contains recursive Use elements, which are not properly handled during page deconstruction.
Max CVSS
9.3
EPSS Score
12.14%
Published
2010-06-11
Updated
2018-10-10
Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to an event listener in an SVG document, related to duplicate event listeners, a timer, and an AnimateTransform object.
Max CVSS
9.3
EPSS Score
33.64%
Published
2010-06-11
Updated
2018-10-10
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the :first-letter pseudo-element.
Max CVSS
9.3
EPSS Score
86.90%
Published
2010-06-11
Updated
2018-10-10
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving caption elements.
Max CVSS
9.3
EPSS Score
13.98%
Published
2010-06-11
Updated
2017-09-19
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document, related to the insertion of an unspecified element into an editable container and the access of an uninitialized element.
Max CVSS
9.3
EPSS Score
8.13%
Published
2010-06-11
Updated
2018-10-10
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection rendering and the DOCUMENT_POSITION_DISCONNECTED attribute in a container of an unspecified type.
Max CVSS
9.3
EPSS Score
8.46%
Published
2010-06-11
Updated
2018-10-10
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the contentEditable attribute and removing container elements.
Max CVSS
9.3
EPSS Score
86.90%
Published
2010-06-11
Updated
2017-09-19
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to HTML buttons and the first-letter CSS style.
Max CVSS
9.3
EPSS Score
88.74%
Published
2010-06-11
Updated
2018-10-10
Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769.
Max CVSS
9.3
EPSS Score
4.01%
Published
2010-06-18
Updated
2022-08-09
Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
Max CVSS
9.3
EPSS Score
1.94%
Published
2010-06-11
Updated
2017-09-19
ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with MPEG2 encoding.
Max CVSS
6.8
EPSS Score
0.27%
Published
2010-06-17
Updated
2010-06-17