CVE-2010-3812

2010-11-2200:00:00

ubuntu.com

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.063 Low

EPSS

Percentile

93.7%

JSON

Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit,
as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and
Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and
possibly other products allows remote attackers to execute arbitrary code
or cause a denial of service (application crash) via vectors involving Text
objects.

Notes

Author	Note
jdstrand	qt4-x11 unmaintained upstream (see README.webkit for details)

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchwebkit< 1.2.7-0ubuntu0.10.04.1UNKNOWN
ubuntu10.10noarchwebkit< 1.2.7-0ubuntu0.10.10.1UNKNOWN