CVE-2010-1791
https://notcve.org/view.php?id=CVE-2010-1791
Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index. Error de entero sin signo en WebKit de Apple Safari en versiones anteriores a la v5.0.1 en Mac OS X v10.5 hasta v10.6 y Windows, y anteriores a la v4.1.1 en Mac OS X v10.4, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de vectores de ataque que involucran un índice de array JavaScript. • http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT4276 http://support.apple.com/kb/HT4334 http://support.apple.com/kb/HT4456 http& • CWE-189: Numeric Errors •
CVE-2010-1792 – WebKit: multiple vulnerabilities in WebKitGTK
https://notcve.org/view.php?id=CVE-2010-1792
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression. WebKit de Apple Safari en versiones anteriores a la v5.0.1 en Mac OS X v10.5 hasta v10.6 y Windows, y anteriores a la v4.1.1 en Mac OS X v10.4, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de una expresión regular modificada. • http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/43068 http://secunia.com/advisories/43086 http://support.apple.com/kb/HT4276 http://support.apple.com/kb/HT4564 http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-1793 – WebKit: multiple vulnerabilities in WebKitGTK
https://notcve.org/view.php?id=CVE-2010-1793
Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a (1) font-face or (2) use element in an SVG document. Múltiples vulnerabilidades de usar después de liberar en WebKit de Apple Safari en versiones anteriores a la v5.0.1 en Mac OS X v10.5 hasta v10.6 y Windows, y anteriores a la v4.1.1 en Mac OS X v10.4, permiten a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de un elemento (1) font-face o (2) use en un documento SVG. • http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http:/ • CWE-399: Resource Management Errors •
CVE-2010-2497
https://notcve.org/view.php?id=CVE-2010-2497
Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. Desbordamiento de entero glyph manejado en FreeType anterior a v2.4.0 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código de su elección a través de un fichero fuente manipulado. • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7d3d2cc4fef72c6be9c454b3809c387e12b44cfc http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html http://marc.info/?l=oss-security&m=127905701201340&w=2 http://marc.info/?l=oss-security&m=127909326909362&w=2 http://secunia.com/advisories/48951 http://support.apple.com/kb/HT4435 http://www.debian.org/security/2010/dsa-2070 http: • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2010-2498 – freetype: invalid free vulnerability with possible heap corruption
https://notcve.org/view.php?id=CVE-2010-2498
The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation. La función psh_glyph_find_strong_points en pshinter/pshalgo.c de FreeType anterior a v2.4.0 no implementa adecuadamente mascaras sugeridas, lo cual permite a atacantes remotos causar una denegación de servicio (corrupción en la pila de memoria y fallo de la aplicación) o posiblemente ejecutar código a su elección a través de ficheros de fuentes manipulados que provocan una operación libre no válida. • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8d22746c9e5af80ff4304aef440986403a5072e2 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html http://marc.info/?l=oss-security&m=127905701201340&w=2 http://marc.info/?l=oss-security&m=127909326909362&w=2 http://secunia.com/advisories/48951 http://securitytracker.com/id?1024266 http://support.apple.com/kb/HT4435 http://www.deb • CWE-787: Out-of-bounds Write •