PT-2010-3453 · Google+1 · Google Chrome+3
Chasen Le Hara
·
Publicado
2010-09-24
·
Atualizado
2020-07-31
·
CVE-2010-1823
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
WebKit versions before r65958
Google Chrome versions before 6.0.472.59
Description
A use-after-free issue allows remote attackers to cause a denial of service or possibly have other unspecified impacts via vectors that trigger the use of document APIs, such as
document.close(), during parsing. This can be demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font.Recommendations
For WebKit versions before r65958, update to version r65958 or later.
For Google Chrome versions before 6.0.472.59, update to version 6.0.472.59 or later.
Correção
DoS
Use After Free
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Google Chrome
Safari
Webkit
Itunes