The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Jan 2025, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13953 - Broken Link, Third Party Advisory | |
| References | () http://secunia.com/advisories/43086 - Broken Link, Third Party Advisory | |
| References | () https://bugzilla.redhat.com/show_bug.cgi?id=667025 - Issue Tracking, Third Party Advisory | |
| References | () http://trac.webkit.org/changeset/72685/trunk/WebCore/css/CSSParser.cpp - Mailing List, Patch | |
| References | () http://www.securityfocus.com/bid/45722 - Broken Link, Third Party Advisory, VDB Entry | |
| References | () http://www.redhat.com/support/errata/RHSA-2011-0177.html - Broken Link, Third Party Advisory | |
| References | () http://secunia.com/advisories/42648 - Broken Link, Third Party Advisory | |
| References | () http://www.vupen.com/english/advisories/2011/0216 - Broken Link, Third Party Advisory | |
| References | () http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html - Mailing List, Third Party Advisory | |
| References | () https://bugs.webkit.org/show_bug.cgi?id=49883 - Permissions Required | |
| References | () http://www.debian.org/security/2011/dsa-2188 - Mailing List, Third Party Advisory | |
| References | () http://www.gentoo.org/security/en/glsa/glsa-201012-01.xml - Third Party Advisory | |
| References | () http://trac.webkit.org/changeset/72685 - Mailing List, Patch | |
| References | () http://code.google.com/p/chromium/issues/detail?id=63866 - Exploit, Issue Tracking, Mailing List | |
| References | () http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html - Release Notes |
02 Feb 2024, 02:39
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-843 | |
| CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
| References | (SECUNIA) http://secunia.com/advisories/43086 - Broken Link, Third Party Advisory | |
| References | (MISC) http://trac.webkit.org/changeset/72685 - Mailing List, Patch | |
| References | (CONFIRM) http://code.google.com/p/chromium/issues/detail?id=63866 - Exploit, Issue Tracking, Mailing List | |
| References | (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html - Mailing List, Third Party Advisory | |
| References | (MISC) http://trac.webkit.org/changeset/72685/trunk/WebCore/css/CSSParser.cpp - Mailing List, Patch | |
| References | (CONFIRM) http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html - Release Notes | |
| References | (DEBIAN) http://www.debian.org/security/2011/dsa-2188 - Mailing List, Third Party Advisory | |
| References | (VUPEN) http://www.vupen.com/english/advisories/2011/0216 - Broken Link, Third Party Advisory | |
| References | (SECUNIA) http://secunia.com/advisories/42648 - Broken Link, Third Party Advisory | |
| References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2011-0177.html - Broken Link, Third Party Advisory | |
| References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13953 - Broken Link, Third Party Advisory | |
| References | (BID) http://www.securityfocus.com/bid/45722 - Broken Link, Third Party Advisory, VDB Entry |
Information
Published : 2010-12-22 01:00
Updated : 2025-01-21 18:15
NVD link : CVE-2010-4577
Mitre link : CVE-2010-4577
JSON object : View
Products Affected
debian
- debian_linux
fedoraproject
- fedora
webkitgtk
- webkitgtk
- chrome_os
- chrome