Описание
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | no webkit |
| devel | not-affected | webkit isn't built |
| esm-infra-legacy/trusty | not-affected | webkit isn't built |
| esm-infra/xenial | not-affected | webkit isn't built |
| hardy | not-affected | no webkit |
| karmic | ignored | end of life |
| lucid | ignored | end of life |
| maverick | not-affected | webkit isn't built |
| natty | not-affected | webkit isn't built |
| oneiric | not-affected | webkit isn't built |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | ignored | no update available |
| esm-apps/xenial | ignored | no update available |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [no update available]] |
| hardy | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| hardy | ignored | end of life |
| karmic | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.4.9-2ubuntu2 |
| esm-apps/xenial | not-affected | 2.4.9-2ubuntu2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.4.8-1ubuntu1~ubuntu14.04.1]] |
| lucid | DNE | |
| precise | DNE | |
| quantal | DNE | |
| saucy | DNE | |
| trusty | not-affected | 2.4.8-1ubuntu1~ubuntu14.04.1 |
| trusty/esm | DNE | trusty was not-affected [2.4.8-1ubuntu1~ubuntu14.04.1] |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011.
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011.
EPSS
6.8 Medium
CVSS2