NIST AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

NIST CWE-416

NIST CWE-399

OR
     *cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*
     *cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*
     *cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*
     *cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*
     *cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*
     *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (including) 4.0.4

OR
     *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (excluding) 4.0.5
     *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions from (including) 2.0 up to (excluding) 4.0

OR
     *cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
     *cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
     *cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*

http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html No Types Assigned

http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html Mailing List

http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html Vendor Advisory

http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html Mailing List, Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html No Types Assigned

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html Mailing List

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html No Types Assigned

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html Mailing List

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html No Types Assigned

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html Mailing List

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html No Types Assigned

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html Mailing List

http://secunia.com/advisories/41856 No Types Assigned

http://secunia.com/advisories/41856 Broken Link

http://secunia.com/advisories/43068 No Types Assigned

http://secunia.com/advisories/43068 Broken Link

http://support.apple.com/kb/HT4225 No Types Assigned

http://support.apple.com/kb/HT4225 Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 No Types Assigned

http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 Broken Link

http://www.securityfocus.com/bid/38671 Patch

http://www.securityfocus.com/bid/38671 Broken Link, Patch, Third Party Advisory, VDB Entry

http://www.securitytracker.com/id?1023708 No Types Assigned

http://www.securitytracker.com/id?1023708 Broken Link, Third Party Advisory, VDB Entry

http://www.ubuntu.com/usn/USN-1006-1 No Types Assigned

http://www.ubuntu.com/usn/USN-1006-1 Third Party Advisory

http://www.vupen.com/english/advisories/2010/2722 No Types Assigned

http://www.vupen.com/english/advisories/2010/2722 Broken Link

http://www.vupen.com/english/advisories/2011/0212 No Types Assigned

http://www.vupen.com/english/advisories/2011/0212 Broken Link

http://www.vupen.com/english/advisories/2011/0552 No Types Assigned

http://www.vupen.com/english/advisories/2011/0552 Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/56836 No Types Assigned

https://exchange.xforce.ibmcloud.com/vulnerabilities/56836 Third Party Advisory, VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7587 No Types Assigned

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7587 Broken Link

Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html


'WebKit
CVE-ID:  CVE-2010-0050
Available for:  Mac OS X v10.4.11, Mac OS X Server v10.4.11,
Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later,
Windows 7, Vista, XP
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  A use-after-free issue exists in WebKit's handling of
incorrectly nested HTML tags. Visiting a maliciously crafted website
may lead to an unexpected application termination or arbitrary code
execution. This issue is addressed through improved memory reference
tracking. Credit to wushi&Z of team509 working with TippingPoint's
Zero Day Initiative for reporting this issue.'

Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html


'WebKit
CVE-ID:  CVE-2010-0050
Available for:  Mac OS X v10.4.11, Mac OS X Server v10.4.11,
Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later,
Windows 7, Vista, XP
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  A use-after-free issue exists in WebKit's handling of
incorrectly nested HTML tags. Visiting a maliciously crafted website
may lead to an unexpected application termination or arbitrary code
execution. This issue is addressed through improved memory reference
tracking. Credit to wushi&Z of team509 working with TippingPoint's
Zero Day Initiative for reporting this issue.'

Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html

'Safari 4.0.5 is available via the Apple Software Update application,
or Apple's Safari download site at:
http://www.apple.com/safari/download/'

Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html

'Safari 4.0.5 is available via the Apple Software Update application,
or Apple's Safari download site at:
http://www.apple.com/safari/download/'