Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2010-4577
Description:The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."
Test IDs: 1.3.6.1.4.1.25623.1.0.68773   1.3.6.1.4.1.25623.1.0.68823   1.3.6.1.4.1.25623.1.0.69325  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2010-4577
BugTraq ID: 45722
http://www.securityfocus.com/bid/45722
Debian Security Information: DSA-2188 (Google Search)
http://www.debian.org/security/2011/dsa-2188
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html
http://www.gentoo.org/security/en/glsa/glsa-201012-01.xml
http://trac.webkit.org/changeset/72685
http://trac.webkit.org/changeset/72685/trunk/WebCore/css/CSSParser.cpp
https://bugs.webkit.org/show_bug.cgi?id=49883
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13953
RedHat Security Advisories: RHSA-2011:0177
http://www.redhat.com/support/errata/RHSA-2011-0177.html
http://secunia.com/advisories/42648
http://secunia.com/advisories/43086
http://www.vupen.com/english/advisories/2011/0216




© 1998-2021 E-Soft Inc. All rights reserved.