CVE-2010-3259

N/A Unknown
Published: September 07, 2010 Modified: April 29, 2026
View on NVD

Description

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://code.google.com/p/chromium/issues/detail?id=53001
Source: cve@mitre.org
Patch Vendor Advisory
http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html
Source: cve@mitre.org
Vendor Advisory
http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://secunia.com/advisories/41856
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/42314
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/43068
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/43086
Source: cve@mitre.org
Third Party Advisory
http://support.apple.com/kb/HT4455
Source: cve@mitre.org
Third Party Advisory
http://support.apple.com/kb/HT4456
Source: cve@mitre.org
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
Source: cve@mitre.org
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0177.html
Source: cve@mitre.org
Third Party Advisory
http://www.securityfocus.com/bid/44206
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-1006-1
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2722
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2010/3046
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0212
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0216
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0552
Source: cve@mitre.org
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11221
Source: cve@mitre.org
Third Party Advisory
https://technet.microsoft.com/library/security/msvr11-002
Source: cve@mitre.org
Broken Link
http://code.google.com/p/chromium/issues/detail?id=53001
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://secunia.com/advisories/41856
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/42314
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43068
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43086
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://support.apple.com/kb/HT4455
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://support.apple.com/kb/HT4456
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0177.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/44206
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-1006-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2722
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2010/3046
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0212
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0216
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0552
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11221
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://technet.microsoft.com/library/security/msvr11-002
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

44 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
1.6%
73th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-200

Affected Vendors

webkitgtk apple google canonical

Related CVEs

CVE-2026-8662 3.3
CVE-2026-8658 6.0
CVE-2026-8666 7.7
CVE-2026-8665 7.7
CVE-2026-8664 6.0