Use-after-free vulnerability in WebKit in Apple Safari prior to 5.0 on Mac OS X 10.5 up to and including 10.6 and Windows, Safari prior to 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote malicious users to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apple safari 4.0.4 |
||
apple safari |
||
apple safari 3.0.1 |
||
apple safari 3.0.1b |
||
apple safari 3.1 |
||
apple safari 3.1.0 |
||
apple safari 3.2.3 |
||
apple safari 2 |
||
apple safari 2.0.3 |
||
apple safari 1.0.2 |
||
apple safari 1.0.3 |
||
apple safari 1.1.1 |
||
apple safari 1.2 |
||
apple safari 1.3.0 |
||
apple safari 1.3.1 |
||
apple safari 4.0.0b |
||
apple safari 4.0 |
||
apple safari 4.1 |
||
apple safari 3.0.2 |
||
apple safari 3.0.2b |
||
apple safari 3.1.0b |
||
apple safari 3.1.1 |
||
apple safari 2.0 |
||
apple safari 2.0.0 |
||
apple safari 2.0.4 |
||
apple safari 1.0 |
||
apple safari 1.2.0 |
||
apple safari 1.2.1 |
||
apple safari 1.2.2 |
||
apple safari 1.3.2 |
||
apple safari 4.0.2 |
||
apple safari 4.0.3 |
||
apple safari 3.0.0 |
||
apple safari 3.0.0b |
||
apple safari 3.0.4 |
||
apple safari 3.0.4b |
||
apple safari 3.2.1 |
||
apple safari 3.2.2 |
||
apple safari 1.0.0b2 |
||
apple safari 1.0.1 |
||
apple safari 1.1 |
||
apple safari 1.1.0 |
||
apple safari 1.2.5 |
||
apple safari 1.3 |
||
apple safari 4.0.1 |
||
apple safari 3 |
||
apple safari 3.0 |
||
apple safari 3.0.3 |
||
apple safari 3.0.3b |
||
apple safari 3.1.2 |
||
apple safari 3.2.0 |
||
apple safari 2.0.1 |
||
apple safari 2.0.2 |
||
apple safari 1.0.0 |
||
apple safari 1.0.0b1 |
||
apple safari 1.2.3 |
||
apple safari 1.2.4 |
||
apple mac_os_x 10.5.1 |
||
apple mac_os_x 10.5.2 |
||
apple mac_os_x 10.6.0 |
||
apple mac_os_x_server 10.6.0 |
||
apple mac_os_x_server 10.5.6 |
||
apple mac_os_x_server 10.5.7 |
||
apple mac_os_x 10.5.3 |
||
apple mac_os_x 10.5.4 |
||
apple mac_os_x_server 10.5.0 |
||
apple mac_os_x_server 10.5.1 |
||
apple mac_os_x_server 10.5.8 |
||
apple mac_os_x_server 10.6.1 |
||
apple mac_os_x 10.5 |
||
apple mac_os_x 10.5.0 |
||
apple mac_os_x 10.5.7 |
||
apple mac_os_x 10.5.8 |
||
apple mac_os_x_server 10.5.4 |
||
apple mac_os_x_server 10.5.5 |
||
apple mac_os_x_server 10.6.4 |
||
apple mac_os_x 10.5.5 |
||
apple mac_os_x 10.5.6 |
||
apple mac_os_x_server 10.5.2 |
||
apple mac_os_x_server 10.5.3 |
||
apple mac_os_x_server 10.6.2 |
||
apple mac_os_x_server 10.6.3 |
||
apple iphone os 2.0 |
||
apple iphone os 2.0.0 |
||
apple iphone os 3.0 |
||
apple iphone os 3.0.1 |
||
apple iphone os 3.1 |
||
apple iphone os 2.0.1 |
||
apple iphone os 2.0.2 |
||
apple iphone os 3.1.2 |
||
apple iphone os 3.1.3 |
||
apple iphone os 2.2 |
||
apple iphone os 2.2.1 |
||
apple iphone os 2.1 |
||
apple iphone os 2.1.1 |
Vulmon