CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
92.7%
Use-after-free vulnerability in WebKit, as used in Apple Safari before
4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and
webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code
or cause a denial of service (application crash) via vectors involving
element focus.
Author | Note |
---|---|
jdstrand | qt4-x11 unmaintained upstream (see README.webkit for details) webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit. |
mdeslaur | webkitkde is a wrapper around qt4-x11’s webkit. |