7.5

CVE-2010-4577

Exploit
The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 8.0.552.224
WebkitgtkWebkitgtk Version < 1.2.6
GoogleChrome Os Version < 8.0.552.343
FedoraprojectFedora Version13
DebianDebian Linux Version6.0
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.21% 0.803
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

http://www.debian.org/security/2011/dsa-2188
Third Party Advisory
Mailing List
http://secunia.com/advisories/43086
Third Party Advisory
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-0177.html
Third Party Advisory
Broken Link
http://www.vupen.com/english/advisories/2011/0216
Third Party Advisory
Broken Link
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html
Third Party Advisory
Mailing List
http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html
Release Notes
http://secunia.com/advisories/42648
Third Party Advisory
Broken Link
http://www.gentoo.org/security/en/glsa/glsa-201012-01.xml
Third Party Advisory
http://code.google.com/p/chromium/issues/detail?id=63866
Exploit
Mailing List
Issue Tracking
http://trac.webkit.org/changeset/72685
Patch
Mailing List
http://trac.webkit.org/changeset/72685/trunk/WebCore/css/CSSParser.cpp
Patch
Mailing List
http://www.securityfocus.com/bid/45722
Third Party Advisory
Broken Link
VDB Entry
https://bugs.webkit.org/show_bug.cgi?id=49883
Permissions Required
https://bugzilla.redhat.com/show_bug.cgi?id=667025
Third Party Advisory
Issue Tracking
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13953
Third Party Advisory
Broken Link