FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2010-4577

This CVE name corresponds to:

Entered: 2010-12-30
Topic: webkit-gtk2 -- Multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type: Candidate
Name: CVE-2010-4577
Phase: Assigned (20101221)

Description

The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products, does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."

References

Source Reference
MISC http://trac.webkit.org/changeset/72685
MISC http://trac.webkit.org/changeset/72685/trunk/WebCore/css/CSSParser.cpp
MISC https://bugs.webkit.org/show_bug.cgi?id=49883
CONFIRM http://code.google.com/p/chromium/issues/detail?id=63866
CONFIRM http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=667025
DEBIAN DSA-2188
FEDORA FEDORA-2011-0121
GENTOO GLSA-201012-01
REDHAT RHSA-2011:0177
BID 45722
OVAL oval:org.mitre.oval:def:13953
SECUNIA 42648
SECUNIA 43086
VUPEN ADV-2011-0216