CVE-2010-4577

Опубликовано: 22 дек. 2010

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."

Ссылки

http://code.google.com/p/chromium/issues/detail?id=63866
Exploit
Issue Tracking
Mailing List
http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html
Release Notes
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html
Mailing List
Third Party Advisory
http://secunia.com/advisories/42648
Broken Link
Third Party Advisory
http://secunia.com/advisories/43086
Broken Link
Third Party Advisory
http://trac.webkit.org/changeset/72685
Mailing List
Patch
http://trac.webkit.org/changeset/72685/trunk/WebCore/css/CSSParser.cpp
Mailing List
Patch
http://www.debian.org/security/2011/dsa-2188
Mailing List
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-201012-01.xml
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0177.html
Broken Link
Third Party Advisory
http://www.securityfocus.com/bid/45722
Broken Link
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2011/0216
Broken Link
Third Party Advisory
https://bugs.webkit.org/show_bug.cgi?id=49883
Permissions Required
https://bugzilla.redhat.com/show_bug.cgi?id=667025
Issue Tracking
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13953
Broken Link
Third Party Advisory
http://code.google.com/p/chromium/issues/detail?id=63866
Exploit
Issue Tracking
Mailing List
http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html
Release Notes
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html
Mailing List
Third Party Advisory
http://secunia.com/advisories/42648
Broken Link
Third Party Advisory
http://secunia.com/advisories/43086
Broken Link
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 8.0.552.224 (исключая)

cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*

Версия до 1.2.6 (исключая)

cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*

Версия до 8.0.552.343 (исключая)

Конфигурация 2

cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04266

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2010-4577

CVSS3: 7.5

ubuntu

больше 14 лет назад

CVE-2010-4577

redhat

больше 14 лет назад

CVE-2010-4577

CVSS3: 7.5

debian

больше 14 лет назад

The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp ...

GHSA-9j34-5qgm-c4jh

CVSS3: 7.5

github

около 3 лет назад

ELSA-2011-0177

oracle-oval

больше 14 лет назад

ELSA-2011-0177: webkitgtk security update (MODERATE)

EPSS

Процентиль: 88%

0.04266

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125