
Test ID: 1.3.6.1.4.1.25623.1.0.69182
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2011:0177
Summary: NOSUMMARY
Description:
The remote host is missing updates announced in
advisory RHSA-2011:0177.

WebKitGTK+ is the port of the portable web rendering engine WebKit to the
GTK+ platform.

Multiple memory corruption flaws were found in WebKit. Malicious web
content could cause an application using WebKitGTK+ to crash or,
potentially, execute arbitrary code with the privileges of the user running
the application. (CVE-2010-1782, CVE-2010-1783, CVE-2010-1784,
CVE-2010-1785, CVE-2010-1787, CVE-2010-1788, CVE-2010-1790, CVE-2010-1792,
CVE-2010-1807, CVE-2010-1814, CVE-2010-3114, CVE-2010-3116, CVE-2010-3119,
CVE-2010-3255, CVE-2010-3812, CVE-2010-4198)

Multiple use-after-free flaws were found in WebKit. Malicious web content
could cause an application using WebKitGTK+ to crash or, potentially,
execute arbitrary code with the privileges of the user running the
application. (CVE-2010-1780, CVE-2010-1786, CVE-2010-1793, CVE-2010-1812,
CVE-2010-1815, CVE-2010-3113, CVE-2010-3257, CVE-2010-4197, CVE-2010-4204)

Two array index errors, leading to out-of-bounds memory reads, were found
in WebKit. Malicious web content could cause an application using
WebKitGTK+ to crash. (CVE-2010-4206, CVE-2010-4577)

A flaw in WebKit could allow malicious web content to trick a user into
thinking they are visiting the site reported by the location bar, when the
page is actually content controlled by an attacker. (CVE-2010-3115)

It was found that WebKit did not correctly restrict read access to images
created from the canvas element. Malicious web content could allow a
remote attacker to bypass the same-origin policy and potentially access
sensitive image data. (CVE-2010-3259)

A flaw was found in the way WebKit handled DNS prefetching. Even when it
was disabled, web content containing certain link elements could cause
WebKitGTK+ to perform DNS prefetching. (CVE-2010-3813)

Users of WebKitGTK+ should upgrade to these updated packages, which contain
WebKitGTK+ version 1.2.6, and resolve these issues. All running
applications that use WebKitGTK+ must be restarted for this update to take
effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-0177.html

Risk factor : Critical

CVSS Score:
10.0

Cross-Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2010-1780
http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html
http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
BugTraq ID: 42020
http://www.securityfocus.com/bid/42020
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10964
http://www.redhat.com/support/errata/RHSA-2011-0177.html
http://secunia.com/advisories/41856
http://secunia.com/advisories/42314
http://secunia.com/advisories/43068
http://secunia.com/advisories/43086
SuSE Security Announcement: SUSE-SR:2011:002
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.ubuntu.com/usn/USN-1006-1
http://www.vupen.com/english/advisories/2010/2722
http://www.vupen.com/english/advisories/2011/0212
http://www.vupen.com/english/advisories/2011/0216
http://www.vupen.com/english/advisories/2011/0552
Common Vulnerability Exposure (CVE) ID: CVE-2010-1782
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11935
SuSE Security Announcement: SUSE-SR:2010:018
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-1783
Debian Security Information: DSA-2188
http://www.debian.org/security/2011/dsa-2188
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11820
Common Vulnerability Exposure (CVE) ID: CVE-2010-1784
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11766
Common Vulnerability Exposure (CVE) ID: CVE-2010-1785
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11941
Common Vulnerability Exposure (CVE) ID: CVE-2010-1786
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11837
Common Vulnerability Exposure (CVE) ID: CVE-2010-1787
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11877
Common Vulnerability Exposure (CVE) ID: CVE-2010-1788
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11962
Common Vulnerability Exposure (CVE) ID: CVE-2010-1790
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11777
Common Vulnerability Exposure (CVE) ID: CVE-2010-1792
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11898
Common Vulnerability Exposure (CVE) ID: CVE-2010-1793
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11923
Common Vulnerability Exposure (CVE) ID: CVE-2010-1807
http://lists.apple.com/archives/security-announce/2010//Sep/msg00001.html
BugTraq ID: 43047
http://www.securityfocus.com/bid/43047
http://www.computerworld.com/s/article/9195058/Researcher_to_release_Web_based_Android_attack
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11964
http://www.vupen.com/english/advisories/2010/3046
Common Vulnerability Exposure (CVE) ID: CVE-2010-1812
http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
BugTraq ID: 43079
http://www.securityfocus.com/bid/43079
XForce ISS Database: appleios-selections-code-exec(61699)
https://exchange.xforce.ibmcloud.com/vulnerabilities/61699
Common Vulnerability Exposure (CVE) ID: CVE-2010-1814
BugTraq ID: 43083
http://www.securityfocus.com/bid/43083
XForce ISS Database: appleios-formmenus-code-exec(61701)
https://exchange.xforce.ibmcloud.com/vulnerabilities/61701
Common Vulnerability Exposure (CVE) ID: CVE-2010-1815
BugTraq ID: 43081
http://www.securityfocus.com/bid/43081
XForce ISS Database: appleios-scrollbars-code-exec(61702)
https://exchange.xforce.ibmcloud.com/vulnerabilities/61702
Common Vulnerability Exposure (CVE) ID: CVE-2010-3113
BugTraq ID: 44199
http://www.securityfocus.com/bid/44199
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11901
Common Vulnerability Exposure (CVE) ID: CVE-2010-3114
BugTraq ID: 44201
http://www.securityfocus.com/bid/44201
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11577
Common Vulnerability Exposure (CVE) ID: CVE-2010-3115
BugTraq ID: 44203
http://www.securityfocus.com/bid/44203
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11953
Common Vulnerability Exposure (CVE) ID: CVE-2010-3116
BugTraq ID: 44200
http://www.securityfocus.com/bid/44200
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11909
Common Vulnerability Exposure (CVE) ID: CVE-2010-3119
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12107
Common Vulnerability Exposure (CVE) ID: CVE-2010-3255
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11736
Common Vulnerability Exposure (CVE) ID: CVE-2010-3257
BugTraq ID: 44204
http://www.securityfocus.com/bid/44204
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12138
Common Vulnerability Exposure (CVE) ID: CVE-2010-3259
BugTraq ID: 44206
http://www.securityfocus.com/bid/44206
https://technet.microsoft.com/library/security/msvr11-002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11221
Common Vulnerability Exposure (CVE) ID: CVE-2010-3812
BugTraq ID: 44960
http://www.securityfocus.com/bid/44960
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html
http://trac.webkit.org/changeset/68705
http://www.zerodayinitiative.com/advisories/ZDI-10-257/
https://bugs.webkit.org/show_bug.cgi?id=46848
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11689
XForce ISS Database: safari-text-objects-code-execution(63350)
https://exchange.xforce.ibmcloud.com/vulnerabilities/63350
Common Vulnerability Exposure (CVE) ID: CVE-2010-3813
http://trac.webkit.org/changeset/63622
https://bugs.webkit.org/show_bug.cgi?id=42500
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12293
Common Vulnerability Exposure (CVE) ID: CVE-2010-4197
BugTraq ID: 45720
http://www.securityfocus.com/bid/45720
http://trac.webkit.org/changeset/70594
https://bugs.webkit.org/show_bug.cgi?id=48349
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12266
http://secunia.com/advisories/42109
Common Vulnerability Exposure (CVE) ID: CVE-2010-4198
BugTraq ID: 45719
http://www.securityfocus.com/bid/45719
https://bugs.webkit.org/show_bug.cgi?id=45611
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12157
Common Vulnerability Exposure (CVE) ID: CVE-2010-4204
BugTraq ID: 45718
http://www.securityfocus.com/bid/45718
http://trac.webkit.org/changeset/70517
https://bugs.webkit.org/show_bug.cgi?id=48281
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12174
Common Vulnerability Exposure (CVE) ID: CVE-2010-4206
BugTraq ID: 45721
http://www.securityfocus.com/bid/45721
http://trac.webkit.org/changeset/70652
https://bugs.webkit.org/show_bug.cgi?id=48371
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11949
Common Vulnerability Exposure (CVE) ID: CVE-2010-4577
BugTraq ID: 45722
http://www.securityfocus.com/bid/45722
http://www.gentoo.org/security/en/glsa/glsa-201012-01.xml
http://trac.webkit.org/changeset/72685
http://trac.webkit.org/changeset/72685/trunk/WebCore/css/CSSParser.cpp
https://bugs.webkit.org/show_bug.cgi?id=49883
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13953
http://secunia.com/advisories/42648
Copyright: Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
