SuSE 11.2 Security Update : libwebkit (SAT Patch Number 7114)

Two issues in libwebkit have been fixed : - Webkit CSS Text Element Count remote code execution was fixed. CVE-2011-1290 - WebKit WBR Tag Removal remote code execution was fixed. CVE-2011-1344 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

ZDI-11-135: (Pwn2Own) WebKit WBR Tag Removal Remote Code Execution Vulnerability

ZDI-11-135: Pwn2Own WebKit WBR Tag Removal Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-135 April 14, 2011 -- CVE ID: CVE-2011-1344 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: WebKit -- Affected Products: WebKit WebKit -- TippingPointTM IP...

(Pwn2Own) WebKit WBR Tag Removal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the Webkit librar...

CVE-2011-1344

Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 CDMA; and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag,...