CVE-2010-1029

Name: CVE-2010-1029
Creator: NVD / NIST
Published: 2010-03-19T21:30:00.327+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 10.38%

Last modified Jun 16, 2026

CVE-2010-1029 is a vulnerability of currently unknown severity. Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences.. EPSS estimates a 10.38% chance of exploitation in the next 30 days.

Description

Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences.

Metrics

EPSS Probability

10.38%

95.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-399

Affected Software

Vendor	Product	Versions
Apple	Safari	4.0.4
Google	Chrome	4.0.249.0
Apple	Safari	All versions

References

Timeline

Published: Mar 19, 2010
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2010-1029?

How severe is CVE-2010-1029?

Severity scoring for CVE-2010-1029 is pending analysis. The EPSS model estimates a 10.38% probability of exploitation in the next 30 days.

How do I fix CVE-2010-1029?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2010-1029?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST