Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 521
Alerts This Week
Warning Icon 1 521

Debian: DSA-2188-1 Critical: WebKit Remote Memory Corruption

debian
Calendar Grey March 10, 2011
Debian Logo
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------
Several vulnerabilities have been discovered in webkit, a Web content engine library for Gtk+

Summary

Several vulnerabilities have been discovered in webkit, a Web content engine
library for Gtk+. The Common Vulnerabilities and Exposures project identifies
the following problems:

CVE-2010-1783

WebKit does not properly handle dynamic modification of a
text node, which allows remote attackers to execute arbitrary code or cause
a denial of service (memory corruption and application crash) via a
crafted HTML document.


CVE-2010-2901

The rendering implementation in WebKit allows
remote attackers to cause a denial of service (memory corruption) or possibly
have unspecified other impact via unknown vectors.


CVE-2010-4199

WebKit does not properly perform a cast of an
unspecified variable during processing of an SVG use element, which allows
remote attackers to cause a denial of service or possibly have unspecified
other impact via a crafted SVG document.


CVE-2010-4040

WebKit does not properly handle animated GIF images,
which allows remote attackers to cause a denial of service (memor...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: webkit
CVE ID: CVE-2010-1783 CVE-2010-2901 CVE-2010-4199 CVE-2010-4040 CVE-2010-4492 CVE-2010-4493 CVE-2010-4577 CVE-2010-4578 CVE-2010-0474 CVE-2011-0482 CVE-2011-0778

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.