FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2010-1386

This CVE name corresponds to:

Entered Topic
2010-07-18 webkit-gtk2 -- Multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2010-1386
Phase Assigned(20100415)

Description

page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357.

References

Source Reference
CONFIRM http://security-tracker.debian.org/tracker/CVE-2010-1386
CONFIRM http://trac.webkit.org/changeset/56188
CONFIRM https://bugs.webkit.org/show_bug.cgi?id=36255
MANDRIVA MDVSA-2011:039
SUSE SUSE-SR:2011:002
UBUNTU USN-1006-1
BID 42500
SECUNIA 41856
SECUNIA 43068
VUPEN ADV-2010-2722
VUPEN ADV-2011-0212
VUPEN ADV-2011-0552