CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2010-1386 – Mandriva Linux Security Advisory 2011-039
https://notcve.org/view.php?id=CVE-2010-1386
19 Aug 2010 — page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357. En el archivo page/Geolocation.cpp en WebCore en WebKit anterior a r56188 y anterior a versión 1.2.5 no restringe apropiadamente el acceso a la función lastPosition, que tiene un impacto no especificado y vectores de ataque remoto, también se conoce como rdar problem 7746357. Multiple cross-s... • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 0CVE-2010-1760 – Mandriva Linux Security Advisory 2011-039
https://notcve.org/view.php?id=CVE-2010-1760
19 Aug 2010 — loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementation in WebCore in WebKit before r58409 does not properly handle credentials during a cross-origin synchronous request, which has unspecified impact and remote attack vectors, aka rdar problem 7905150. loader/DocumentThreadableLoader.cpp en la implementación XMLHttpRequest en WebCore en WebKit anterior a r58409 no maneja adecuadamente las credenciales durante una petición de sincronización cross-origin, lo que tiene un impacto y vectores de... • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html • CWE-255: Credentials Management Errors •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2010-1766 – Mandriva Linux Security Advisory 2011-039
https://notcve.org/view.php?id=CVE-2010-1766
22 Jul 2010 — Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an upgrade header that is long and invalid. Error de superación de límite en la función WebSocketHandshake::readServerHandshake en websockets/WebSocketHandshake.cpp en WebCore en WebKit anterior a r56380,... • http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 7%CPEs: 49EXPL: 0CVE-2010-0659
https://notcve.org/view.php?id=CVE-2010-0659
18 Feb 2010 — The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed GIF file that specifies a large size. El decodificador de imagen en WebKit anterior a r52833, usado en Google Chrome anterior a v4.0.249.78, no controla correctamente un error de asignación de memoria, lo cual permite a atacantes remotos ejecutar código arbitrario en el rec... • http://code.google.com/p/chromium/issues/detail?id=28566 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 10%CPEs: 49EXPL: 0CVE-2010-0647 – Mandriva Linux Security Advisory 2011-039
https://notcve.org/view.php?id=CVE-2010-0647
18 Feb 2010 — WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a >