PT-2010-5354 · Google+3 · Google Chrome+3
Published
2010-11-05
·
Updated
2020-07-31
·
CVE-2010-4206
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
WebKit versions prior to 7.0.517.44
webkitgtk versions prior to 1.2.6
Google Chrome versions prior to 7.0.517.44
Description
The issue is related to an array index error in the FEBlend::apply function, which can be triggered by a crafted SVG document. This error may cause a denial of service and potentially allow the execution of arbitrary code, particularly in the context of applying filters in the application.
Recommendations
For WebKit versions prior to 7.0.517.44, update to version 7.0.517.44 or later.
For webkitgtk versions prior to 1.2.6, update to version 1.2.6 or later.
For Google Chrome versions prior to 7.0.517.44, update to version 7.0.517.44 or later.
Exploit
Fix
DoS
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Google Chrome
Red Hat
Webkit
Webkitgtk