Lucene search

K
nvd[email protected]NVD:CVE-2010-1766
HistoryJul 22, 2010 - 5:42 a.m.

CVE-2010-1766

2010-07-2205:42:55
CWE-189
web.nvd.nist.gov
6

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

9.1

Confidence

High

EPSS

0.019

Percentile

88.7%

Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an upgrade header that is long and invalid.

Affected configurations

Nvd
Node
digiaqtRange4.6.2
OR
webkitwebkitRanger56379

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

9.1

Confidence

High

EPSS

0.019

Percentile

88.7%