CVE-2010-3257 Information

Description

Use-after-free vulnerability in WebKit as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus.

Reference

http://code.google.com/p/chromium/issues/detail?id=52443 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia.com/advisories/43086 http://support.apple.com/kb/HT4455 http://support.apple.com/kb/HT4456 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/44204 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/advisories/2010/2722 http://www.vupen.com/english/advisories/2010/3046 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0216 http://www.vupen.com/english/advisories/2011/0552 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A12138