CVE-2010-3812

Related Files

Ubuntu Security Notice USN-1195-1

Posted Aug 23, 2011

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1195-1 - A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss

systems | linux, ubuntu

advisories | CVE-2010-1824, CVE-2010-2646, CVE-2010-2651, CVE-2010-2900, CVE-2010-2901, CVE-2010-3120, CVE-2010-3254, CVE-2010-3812, CVE-2010-3813, CVE-2010-4040, CVE-2010-4042, CVE-2010-4197, CVE-2010-4198, CVE-2010-4199, CVE-2010-4204, CVE-2010-4206, CVE-2010-4492, CVE-2010-4493, CVE-2010-4577, CVE-2010-4578, CVE-2011-0482, CVE-2011-0778

SHA-256 | f1bc7a0e186c70229fcf70b71a059dcb362b2e504967424998912b4bf757a8a9

Download | Favorite | View

Zero Day Initiative Advisory 10-257

Posted Nov 23, 2010

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-257 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the wholeText method of the Text element. When calculating the total size of all the text containing it, the application will wrap a 32-bit integer. The application will use this in an allocation and then later use a different value for populating the buffer. This can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution

systems | apple

advisories | CVE-2010-3812

SHA-256 | 25b882b473909491bee5e2d5d9ff573475d8e1674c9b7d01f58b348d3815e065

Download | Favorite | View