CVE-2010-1385 | Vulnerability Database | Aqua Security

Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

Affected Software

Name	Vendor	Start Version	End Version
Safari	Apple	*	4.0.5 (including)
Safari	Apple	4.0 (including)	4.0 (including)
Safari	Apple	4.0.0b (including)	4.0.0b (including)
Safari	Apple	4.0.1 (including)	4.0.1 (including)
Safari	Apple	4.0.2 (including)	4.0.2 (including)
Safari	Apple	4.0.3 (including)	4.0.3 (including)
Safari	Apple	4.0.4 (including)	4.0.4 (including)

References

http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html
http://secunia.com/advisories/40105
http://securitytracker.com/id?1024067
http://support.apple.com/kb/HT4196
http://www.securityfocus.com/bid/40620
http://www.vupen.com/english/advisories/2010/1373
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7199

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-1385
CWE	https://cwe.mitre.org/data/definitions/399.html