Unrated severityNVD Advisory· Published Sep 7, 2010· Updated Apr 29, 2026

CVE-2010-3257

Description

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus.

Affected products

Apple Inc./Safari
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
Range: <4.1.3
Google/Chrome
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Range: <6.0.472.53
Webkitgtk/Webkitgtk\+
cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
Range: <1.2.6
Apple Inc./Iphone Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Range: <4.2
Canonical/Ubuntu Linux3 versions
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

code.google.com/p/chromium/issues/detailnvdVendor Advisory
googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.htmlnvdVendor Advisory
lists.apple.com/archives/security-announce/2010//Nov/msg00002.htmlnvdMailing ListThird Party Advisory
lists.apple.com/archives/security-announce/2010//Nov/msg00003.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlnvdMailing ListThird Party Advisory
secunia.com/advisories/41856nvdThird Party Advisory
secunia.com/advisories/42314nvdThird Party Advisory
secunia.com/advisories/43068nvdThird Party Advisory
secunia.com/advisories/43086nvdThird Party Advisory
support.apple.com/kb/HT4455nvdThird Party Advisory
support.apple.com/kb/HT4456nvdThird Party Advisory
www.mandriva.com/security/advisoriesnvdThird Party Advisory
www.redhat.com/support/errata/RHSA-2011-0177.htmlnvdThird Party Advisory
www.securityfocus.com/bid/44204nvdThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/USN-1006-1nvdThird Party Advisory
www.vupen.com/english/advisories/2010/2722nvdThird Party Advisory
www.vupen.com/english/advisories/2010/3046nvdThird Party Advisory
www.vupen.com/english/advisories/2011/0212nvdThird Party Advisory
www.vupen.com/english/advisories/2011/0216nvdThird Party Advisory
www.vupen.com/english/advisories/2011/0552nvdThird Party Advisory
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12138nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.008
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000