CVE-2010-1119

CVE-2010-1119 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010.

Learn more about our Web App Pen Testing.