CVE-2010-1814 — MEDIUM (6.8)

Q: How severe is CVE-2010-1814?

CVE-2010-1814 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2010-1814?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Iphone Os, Apple Ipod Touch, Webkitgtk Webkitgtk, Canonical Ubuntu Linux.

Vulnerability Description

WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Apple	Iphone Os	< 4.1
Apple	Ipod Touch	-
Webkitgtk	Webkitgtk	< 1.2.6
Canonical	Ubuntu Linux	9.10

Related Weaknesses (CWE)

CWE-119

References

http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.htmlMailing ListVendor Advisory
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.htmlMailing ListVendor Advisory
http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.htmlMailing ListVendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlMailing ListThird Party Advisory
http://secunia.com/advisories/41856Third Party Advisory
http://secunia.com/advisories/42314Third Party Advisory
http://secunia.com/advisories/43068Third Party Advisory
http://secunia.com/advisories/43086Third Party Advisory
http://support.apple.com/kb/HT4334Vendor Advisory
http://support.apple.com/kb/HT4455Vendor Advisory
http://support.apple.com/kb/HT4456Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0177.htmlThird Party Advisory
http://www.securityfocus.com/bid/43083Third Party AdvisoryVDB Entry
http://www.ubuntu.com/usn/USN-1006-1Third Party Advisory

FAQ

What is CVE-2010-1814?

CVE-2010-1814 is a vulnerability with a CVSS score of 6.8 (MEDIUM). WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicati...

How severe is CVE-2010-1814?

CVE-2010-1814 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-1814?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Iphone Os, Apple Ipod Touch, Webkitgtk Webkitgtk, Canonical Ubuntu Linux.