Описание
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118.
Ссылки
- Mailing ListVendor Advisory
- Release NotesVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Mailing ListPatchVendor Advisory
- Broken Link
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Permissions RequiredVendor Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118.
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118.
Off-by-one error in the toAlphabetic function in rendering/RenderListM ...
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118.
EPSS
8.8 High
CVSS3
6.8 Medium
CVSS2