Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences.

Published : 2010-03-19 21:30 Updated : 2019-09-26 17:05

CVSS Score More info
Score 5.0 / 10
Vendor Product Version URI
Apple Safari 4.0.4 cpe:/a:apple:safari:4.0.4
Google Chrome cpe:/a:google:chrome:
Apple Safari cpe:/a:apple:safari
  1. Apple (1) Search CVE
    1. Safari (2) Search CVE
      1. 4.0.4
  2. Google (1) Search CVE
    1. Chrome (1) Search CVE


ID Name Description Links
CWE-399 Resource Management Errors Weaknesses in this category are related to improper management of system resources. CVE