Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving WebSockets. NOTE: this may overlap CVE-2010-3254.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Apple Safari 3.1.2
Apple Safari 1.3.2 312.6
Apple Safari 1.3.2 312.5
Apple Safari 3.0.4b
Apple Safari 1.2
Apple Safari 3.0
Apple Safari 1.1
Apple Safari 3.0.0b
Apple Safari 2
Apple Safari 3
Apple Safari 1.0
Apple Safari 5.0
Apple Safari 1.3
Apple Safari 5.0.2
Apple Safari 5.0.1
Apple Safari 1.0.0b1
Apple Safari 1.2.3
Apple Safari 1.0.0b2
Apple Safari 1.2.4
Apple Safari 1.0.3 85.8
Apple Safari 1.0.3
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.2.5
Apple Safari 3.0.3b
Apple Safari 1.0.1
Apple Safari 1.0.2
Apple Safari 1.2.0
Apple Safari 3.1.0b
Apple Safari 2.0.3 417.9.2
Apple Safari 3.0.0
Apple Safari 1.0.0
Apple Safari 2.0.3 417.9.3
Apple Safari 3.0.1
Apple Safari 3.0.2
Apple Safari 3.2.0
Apple Safari 3.0.3
Apple Safari 3.2.1
Apple Safari 3.0.4
Apple Safari 3.2.2
Apple Safari 1.0.3 85.8.1
Apple Safari 2.0.0
Apple Safari 2.0.1
Apple Safari 1.0 Beta2
Apple Safari 2.0.2
Apple Safari 2.0
Apple Safari 2.0.3
Apple Safari 3.0.2b
Apple Safari 2.0.3 417.8
Apple Safari 2.0.4
Apple Safari 2.0.3 417.9
Apple Safari 4.1
Apple Safari 3.1.1
Apple Safari 3.1.0
Apple Safari 1.0 Beta
Apple WebKit
Apple Safari 1.1.1
Apple Safari 3.0.1b
Apple Safari 1.1.0
Apple Safari 1.3.1
Apple Safari 1.3.0
Apple Safari 4.1.1
Apple Safari 4.1.2
Apple Safari 1.3.2