CVE-2010-0048

UNKNOWN

Published 2010-03-12T20:00:00

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2010-0048. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1

8.8

/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Score Metrics

Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14

0.047

probability

of exploitation in the wild

There is a 4.7% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25

Exploit Probability

Percentile: 0.889

Higher than 88.9% of all CVEs

Attack Vector Metrics

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Impact Metrics

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Description

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

apple

safari

Affected Versions:

apple

safari

Affected Versions:

4.0 4.0.1 4.0.2 4.0.3

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-fjgj-7v2v-3cmq

Advisory Details

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document.

CVSS Scoring

CVSS Score

7.5

CVSS Vector


                                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2010-0048

WEB https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7135

WEB http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html

WEB http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html

WEB http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html

WEB http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html

WEB http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html

WEB http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

WEB http://secunia.com/advisories/41856

WEB http://secunia.com/advisories/43068

WEB http://support.apple.com/kb/HT4070

WEB http://support.apple.com/kb/HT4225

WEB http://www.mandriva.com/security/advisories?name=MDVSA-2011:039

WEB http://www.securityfocus.com/bid/38671

WEB http://www.securitytracker.com/id?1023708

WEB http://www.ubuntu.com/usn/USN-1006-1

WEB http://www.vupen.com/english/advisories/2010/2722

WEB http://www.vupen.com/english/advisories/2011/0212

WEB http://www.vupen.com/english/advisories/2011/0552

Advisory provided by GitHub Security Advisory Database. Published: May 2, 2022, Modified: October 16, 2024

References

http://www.mandriva.com/security/advisories?name=MDVSA-2011:039

http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html

http://www.vupen.com/english/advisories/2010/2722

http://secunia.com/advisories/43068

http://www.ubuntu.com/usn/USN-1006-1

http://www.securitytracker.com/id?1023708

http://secunia.com/advisories/41856

http://www.vupen.com/english/advisories/2011/0212

http://support.apple.com/kb/HT4225

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html

http://support.apple.com/kb/HT4070

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

http://www.vupen.com/english/advisories/2011/0552

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7135

http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html

http://www.securityfocus.com/bid/38671

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html

Published: 2010-03-12T20:00:00

Last Modified: 2024-10-15T20:47:29.773Z

Copied to clipboard!

CVE-2010-0048

Expert Analysis

CVSS Score

EPSS Score

Attack Vector Metrics

Impact Metrics

Description

Available Exploits

Related News

Affected Products

safari

Affected Versions:

safari

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!