VYPR
Unrated severity · NVD Advisory · Published Sep 9, 2010 · Updated Apr 29, 2026

CVE-2010-1812

Description

Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Use-after-free in WebKit's selection handling allows remote code execution via crafted website; fixed in iOS 4.1 and webkitgtk 1.2.6.

Vulnerability

A use-after-free vulnerability exists in WebKit's handling of selections. Affected versions include Apple iOS before 4.1 on iPhone and iPod touch, and webkitgtk before 1.2.6. The bug is triggered when processing specially crafted web content that involves selections, leading to memory corruption.

Exploitation

An attacker can exploit this remotely by luring a user to a malicious website. No authentication is required; the user only needs to visit the site. The use-after-free occurs during selection processing, allowing the attacker to control the freed memory.

Impact

Successful exploitation allows arbitrary code execution in the context of the application (MobileSafari or any WebKit-based app) or denial of service (application crash). On iOS, this could lead to full system compromise.

Mitigation

Fixed in iOS 4.1 (released September 2010) [3] and webkitgtk 1.2.6 (included in Red Hat updates [4]). Users should update to these versions. No workaround is available.

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

7
  • cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:* (+ 1 more)
    • cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
      Range: <1.2.6
    • (no CPE)
      Range: <1.2.6
  • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
    Range: <4.1
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:* (+ 2 more)
    • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
  • Apple Inc./iOS (llm-fuzzy)
    Range: <4.1
