CVE-2015-2330
https://notcve.org/view.php?id=CVE-2015-2330
Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies. Verificación tardía del certificado TLS en WebKitGTK+ anterior a la versión 2.6.6 permite a atacantes remotos ver una solicitud HTTP segura, incluyendo, por ejemplo, cookies seguras. • http://www.openwall.com/lists/oss-security/2015/03/17/11 http://www.openwall.com/lists/oss-security/2015/03/18/4 https://bugs.webkit.org/show_bug.cgi?id=142244 https://security.gentoo.org/glsa/201706-15 https://trac.webkit.org/changeset/181074 https://webkitgtk.org/security/WSA-2015-0002.html • CWE-295: Improper Certificate Validation •
CVE-2010-4577 – webkit: CSS Font Face Parsing Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2010-4577
The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion." Google Chrome anterior v8.0.552.224 y Chrome OS anterior v8.0.552.343 no parsea adecuadamente la secuencia de elementos Cascading Style Sheets (CSS), lo que permite a atacantes remotos causar una denegación de servicio (por lectura fuera de rango) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=63866 http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html http://secunia.com/advisories/42648 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/72685 http://trac.webkit.org/changeset/72685/trunk/WebCore/css/CSSParser.cpp http://www.debian.org/security/2011/dsa-2188 http://www.gentoo.org/security/en/ • CWE-125: Out-of-bounds Read CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2010-4206 – WebKit: Array index error during processing of an SVG document
https://notcve.org/view.php?id=CVE-2010-4206
Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SVG document, related to effects in the application of filters. Google Chrome antes de la versión v7.0.517.44 accede a una posición fuera de índice de un array en memoria durante el procesamiento de un documento SVG, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener algún otro impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=60688 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html http://secunia.com/advisories/42109 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/70652 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/45721 http • CWE-787: Out-of-bounds Write •
CVE-2010-4197 – WebKit: Use-after-free vulnerabiity related to text editing causes memory corruption
https://notcve.org/view.php?id=CVE-2010-4197
Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing. Vulnerabilidad de uso después de liberación en Google Chrome antes de su versión v7.0.517.44 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la edición de texto. • http://code.google.com/p/chromium/issues/detail?id=51602 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html http://secunia.com/advisories/42109 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/70594 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/45720 http • CWE-416: Use After Free •
CVE-2010-4204 – WebKit: Use-after-free vulnerability related frame object
https://notcve.org/view.php?id=CVE-2010-4204
WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Google Chrome antes de su v7.0.517.44 accede a un objeto 'frame' después de que este objeto ha sido destruido, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=60238 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html http://secunia.com/advisories/42109 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/70517 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/45718 http • CWE-416: Use After Free •