CVE-2010-3805

Loading...

General

Score:9.3/10.0
Severity:High
Category:Numeric Error

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2009-1707, CVE-2010-0042, CVE-2010-0051, CVE-2010-0544, CVE-2010-1205, CVE-2010-1384, CVE-2010-1387, CVE-2010-1392, CVE-2010-1394, CVE-2010-1403, CVE-2010-1405, CVE-2010-1407, CVE-2010-1408, CVE-2010-1410, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1421, CVE-2010-1422, CVE-2010-1757, CVE-2010-1758, CVE-2010-1764, CVE-2010-1770, CVE-2010-1771, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1791, CVE-2010-1793, CVE-2010-1806, CVE-2010-1807, CVE-2010-1811, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822, CVE-2010-1843, CVE-2010-2249, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808, CVE-2010-3053, CVE-2010-3054, CVE-2010-3116, CVE-2010-3257, CVE-2010-3259, CVE-2010-3786, CVE-2010-3803, CVE-2010-3804, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3814, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3827, CVE-2010-3828, CVE-2010-3829, CVE-2010-3830, CVE-2010-3831, CVE-2010-3832, CVE-2010-4008

Published on 22/11/10 - Updated on 19/09/17

Description

Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving WebSockets. NOTE: this may overlap CVE-2010-3254.

Category: Numeric Error

CWE-189 (Numeric Errors)
Weaknesses in this category are related to improper calculation or conversion of numbers.

Security Notices

US National Vulnerability DatabaseCVE-2010-3805
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2010-AVI-558, CERTA-2010-AVI-565
Renater 2010/VULN469, 2010/VULN482

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
applesafari
applewebkit

Share this vulnerability with:

Twitter Facebook LinkedIn Mail