CVE-2010-1822

8.8 HIGH

Published: October 04, 2010 Modified: April 29, 2026

Description

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=55114

Source: product-security@apple.com

Exploit Issue Tracking Mailing List Vendor Advisory

http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html

Source: product-security@apple.com

Release Notes Vendor Advisory

http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html

Source: product-security@apple.com

Mailing List Vendor Advisory

http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

Source: product-security@apple.com

Mailing List Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Source: product-security@apple.com

Mailing List Third Party Advisory

http://secunia.com/advisories/42314

Source: product-security@apple.com

Broken Link

http://secunia.com/advisories/43068

Source: product-security@apple.com

Broken Link

http://support.apple.com/kb/HT4455

Source: product-security@apple.com

Vendor Advisory

http://support.apple.com/kb/HT4456

Source: product-security@apple.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/3046

Source: product-security@apple.com

Broken Link Vendor Advisory

http://www.vupen.com/english/advisories/2011/0212

Source: product-security@apple.com

Broken Link Vendor Advisory

https://bugs.webkit.org/show_bug.cgi?id=45562

Source: product-security@apple.com

Permissions Required Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6691

Source: product-security@apple.com

Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=55114

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit Issue Tracking Mailing List Vendor Advisory

http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html

Source: af854a3a-2127-422b-91ae-364da2661108

Release Notes Vendor Advisory

http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Vendor Advisory

http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Third Party Advisory

http://secunia.com/advisories/42314

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://secunia.com/advisories/43068

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://support.apple.com/kb/HT4455

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://support.apple.com/kb/HT4456

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2010/3046

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link Vendor Advisory

http://www.vupen.com/english/advisories/2011/0212

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link Vendor Advisory

https://bugs.webkit.org/show_bug.cgi?id=45562

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6691

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

26 reference(s) from NVD

Quick Stats

CVSS v3 Score

8.8 / 10.0

EPSS (Exploit Probability)

4.1%

89th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-704

Affected Vendors

opensuse apple google

Related CVEs

CVE-2026-7779 4.3

CVE-2026-42238 N/A

CVE-2026-42223 6.5

CVE-2026-42222 8.1

CVE-2026-42221 8.1