7.5

CVE-2010-4577

Exploit

The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."

Data is provided by the National Vulnerability Database (NVD)
GoogleChrome Version < 8.0.552.224
WebkitgtkWebkitgtk Version < 1.2.6
GoogleChrome Os Version < 8.0.552.343
FedoraprojectFedora Version13
DebianDebian Linux Version6.0
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 4.27% 0.877
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

http://www.debian.org/security/2011/dsa-2188
Third Party Advisory
Mailing List
http://secunia.com/advisories/43086
Third Party Advisory
Broken Link
http://www.vupen.com/english/advisories/2011/0216
Third Party Advisory
Broken Link
http://secunia.com/advisories/42648
Third Party Advisory
Broken Link
http://www.securityfocus.com/bid/45722
Third Party Advisory
Broken Link
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=667025
Third Party Advisory
Issue Tracking