Lucene search
RootSSV:60772HistoryApr 28, 2013 - 12:00 a.m.
WebKit 'FrameLoader::checkCompleted()'函数释放后重用远程代码执行漏洞
2013-04-2800:00:00
Root
www.seebug.org
27
EPSS
0.003
Percentile
71.1%
BUGTRAQ ID: 59515
CVE(CAN) ID: CVE-2013-0902
WebKit是一个开源的浏览器引擎,也是苹果Mac OS X 系统引擎框架版本的名称,主要用于Safari,Dashboard,Mail和其他一些Mac OS X 程序。
WebKit 1.11.5、1.10.2在 readystatechange 事件中删除子帧时,函数 ‘FrameLoader::checkCompleted’ [WebCore/loader/FrameLoader.cpp]存在释放后重用错误,通过特制的网页,上下文独立的攻击者可间接引用已经释放的内存并可能执行任意代码。
0
WebKit Open Source Project WebKit 1.11.5
WebKit Open Source Project WebKit 1.10.2
厂商补丁:
WebKit Open Source Project
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
cvelist
cvelist
CVE-2013-0902
2013-03-04 22:00:00
debiancve
debiancve
CVE-2013-0902
2013-03-05 21:55:00
cve
cve
CVE-2013-0902
2013-03-05 21:55:11
prion
prion
Design/Logic Flaw
2013-03-05 21:55:00
nvd
nvd
CVE-2013-0902
2013-03-05 21:55:11
ubuntucve
ubuntucve
CVE-2013-0902
2013-03-05 00:00:00
openvas
openvas
Google Chrome Multiple Vulnerabilities-02 (Mar 2013) - Linux
2013-03-11 00:00:00
Google Chrome Multiple Vulnerabilities-02 March 2013 (Windows)
2013-03-11 00:00:00
Google Chrome Multiple Vulnerabilities-02 March 2013 (Linux)
2013-03-11 00:00:00
nessus
nessus
Google Chrome < 25.0.1364.152 Multiple Vulnerabilities
2013-03-06 00:00:00
Google Chrome < 25.0.1364.152 Multiple Vulnerabilities
2013-03-05 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2013-03-04 00:00:00
gentoo
gentoo
Chromium, V8: Multiple vulnerabilities
2013-09-24 00:00:00