Search for vulnerabilities
Vulnerability ID | VCID-6sza-qaw5-aaad |
Aliases |
CVE-2010-4206
|
Summary | Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SVG document, related to effects in the application of filters. |
Status | Published |
Exploitability | 0.5 |
Weighted Severity | 7.9 |
Risk | 4.0 |
Affected and Fixed Packages | Package Details |
CWE-787 | Out-of-bounds Write |
Exploitability (E) | Access Vector (AV) | Access Complexity (AC) | Authentication (Au) | Confidentiality Impact (C) | Integrity Impact (I) | Availability Impact (A) |
---|---|---|---|---|---|---|
high functional unproven proof_of_concept not_defined |
local adjacent_network network |
high medium low |
multiple single none |
none partial complete |
none partial complete |
none partial complete |
Attack Vector (AV) | Attack Complexity (AC) | Privileges Required (PR) | User Interaction (UI) | Scope (S) | Confidentiality Impact (C) | Integrity Impact (I) | Availability Impact (A) |
---|---|---|---|---|---|---|---|
network adjacent_network local physical |
low high |
none low high |
none required |
unchanged changed |
high low none |
high low none |
high low none |
Attack Vector (AV) | Attack Complexity (AC) | Privileges Required (PR) | User Interaction (UI) | Scope (S) | Confidentiality Impact (C) | Integrity Impact (I) | Availability Impact (A) |
---|---|---|---|---|---|---|---|
network adjacent_network local physical |
low high |
none low high |
none required |
unchanged changed |
high low none |
high low none |
high low none |
Percentile | 0.84202 |
EPSS Score | 0.01017 |
Published At | Nov. 1, 2024, midnight |
Date | Actor | Action | Source | VulnerableCode Version |
---|---|---|---|---|
There are no relevant records. |