Numeric Errors
CVE-2010-1408
Summary
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to bypass intended restrictions on outbound connections to "non-default TCP ports" via a crafted port number, related to an "integer truncation issue." NOTE: this may overlap CVE-2010-1099.
- MEDIUM
- NETWORK
- NONE
- PARTIAL
- NONE
- NONE
CWE-189 - Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.
References
Advisory Timeline
- Published
