HTTP: Apple Safari CSS format Argument Handling Memory Corruption
A memory corruption vulnerability exists in Apple Safari. The vulnerability is due to an error while processing CSS format arguments. A remote attacker can exploit this vulnerability by enticing a target user to open a malicious web page with a vulnerable application. In attack scenarios where code execution is successful the behaviour of the target machine would depend entirely on the intention of the injected code, which would run within the security context of the logged on user. In situations where code execution is not successful, the vulnerable application may terminate abnormally, leading to a denial of service condition.
Extended Description
WebKit is prone to a remote memory-corruption vulnerability; fixes are available. Successful exploits may allow the attacker to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition. This issue was previously documented in BID 38671 (Apple Safari Prior to 4.0.5 Multiple Security Vulnerabilities) but has been given its own record to better document it.
Affected Products
Apple ipod_touch,Red_hat fedora
Short Name
HTTP:STC:SAFARI:CSS-FORMAT-HINT
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple Argument CSS CVE-2010-0046 Corruption Handling Memory Safari bid:38684 format
Release Date
10/19/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Mandriva
Webkit_open_source_project
Apple
Ubuntu
CVSS Score
9.3