FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2011-1290

This CVE name corresponds to:

Entered	Topic
2010-12-07	chromium -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2011-1290 at cve.mitre.org

Details

Type	Candidate
Name	CVE-2011-1290
Phase	Assigned(20110306)

Description

Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.

References

Source	Reference
BUGTRAQ	20110414 ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability
MISC	http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011
MISC	http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401
MISC	http://www.zerodayinitiative.com/advisories/ZDI-11-104
CONFIRM	http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html
CONFIRM	http://www.blackberry.com/btsc/KB26132
CONFIRM	http://support.apple.com/kb/HT4596
CONFIRM	http://support.apple.com/kb/HT4607
APPLE	APPLE-SA-2011-04-14-1
APPLE	APPLE-SA-2011-04-14-2
APPLE	APPLE-SA-2011-04-14-3
DEBIAN	DSA-2192
BID	46849
OSVDB	71182
SECTRACK	1025212
SECUNIA	43748
SECUNIA	43735
SECUNIA	43782
SECUNIA	44151
SECUNIA	44154
VUPEN	ADV-2011-0645
VUPEN	ADV-2011-0654
VUPEN	ADV-2011-0671
VUPEN	ADV-2011-0984
XF	google-webkit-style-code-execution(66052)