Published: 15/06/2010 Updated: 05/08/2020

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome prior to 5.0.375.70 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to handlers for DOM mutation events, aka rdar problem 7948784. NOTE: this might overlap CVE-2010-1759.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome

<!-- CVE-2010-1759 webkit normalize bug Tested on Moto Droidx2 running 22 Droidx2 running 23 is vulnerable but exploit fails due to non-executable heap Still working on a way around that :) 21 - 23 emulator The changes needed are documented in the code The emulator is less consistent than the real phone Author: MJ Keith mjkeith[at]ev ...

CWE-416 http://secunia.com/advisories/40072 http://code.google.com/p/chromium/issues/detail?id=43315 http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.vupen.com/english/advisories/2011/0212 http://secunia.com/advisories/43068 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11357 https://nvd.nist.gov https://www.exploit-db.com/exploits/18446/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-2300

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect