PT-2010-3453 · Google+1 · Google Chrome+3
Chasen Le Hara
·
Published
2010-09-24
·
Updated
2020-07-31
·
CVE-2010-1823
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
WebKit versions before r65958
Google Chrome versions before 6.0.472.59
Description
A use-after-free issue allows remote attackers to cause a denial of service or possibly have other unspecified impacts via vectors that trigger the use of document APIs, such as
document.close(), during parsing. This can be demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font.Recommendations
For WebKit versions before r65958, update to version r65958 or later.
For Google Chrome versions before 6.0.472.59, update to version 6.0.472.59 or later.
Fix
DoS
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Google Chrome
Safari
Webkit
Itunes