8.8
CVE-2010-1773
- EPSS 2.15%
- Veröffentlicht 24.09.2010 19:00:04
- Zuletzt bearbeitet 16.06.2026 23:19:17
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Enterprise Linux Version6.0
Canonical ≫ Ubuntu Linux Version9.10
Canonical ≫ Ubuntu Linux Version10.04 SwEdition-
Canonical ≫ Ubuntu Linux Version10.10
Fedoraproject ≫ Fedora Version12
Fedoraproject ≫ Fedora Version13
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.15% | 0.797 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-193 Off-by-one Error
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/43068
http://www.vupen.com/english/advisories/2011/0212
http://secunia.com/advisories/41856
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
http://www.ubuntu.com/usn/USN-1006-1
http://www.vupen.com/english/advisories/2010/2722
http://www.vupen.com/english/advisories/2011/0552
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044031.html
http://secunia.com/advisories/40557
http://www.vupen.com/english/advisories/2010/1801
http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html
http://secunia.com/advisories/40072
http://code.google.com/p/chromium/issues/detail?id=44955
http://trac.webkit.org/changeset/59950
http://www.securityfocus.com/bid/41575
https://bugs.webkit.org/show_bug.cgi?id=39508
https://bugzilla.redhat.com/show_bug.cgi?id=596500
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11830