CVE-2010-3116 Information

Description

Multiple use-after-free vulnerabilities in WebKit as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 Google Chrome before 5.0.375.127 and webkitgtk before 1.2.6 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins.

Reference

http://code.google.com/p/chromium/issues/detail?id=50515 http://code.google.com/p/chromium/issues/detail?id=51835 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia.com/advisories/43086 http://support.apple.com/kb/HT4455 http://support.apple.com/kb/HT4456 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/44200 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/advisories/2010/2722 http://www.vupen.com/english/advisories/2010/3046 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0216 http://www.vupen.com/english/advisories/2011/0552 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11909