CVE-2010-1766

Mandriva Linux Security Advisory 2011-039

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an upgrade header that is long and invalid.

Error de superación de límite en la función WebSocketHandshake::readServerHandshake en websockets/WebSocketHandshake.cpp en WebCore en WebKit anterior a r56380, utilizado en Qt y otros productos, permite a los servidores de websockets remotos provocar una denegación de servicio (corrupción de memoria), o posiblemente tener otro impacto no especificado a través de una cabecera de actualización que es larga e inválida.

Multiple cross-site scripting, denial of service and arbitrary code execution security flaws were discovered in webkit. The updated packages have been upgraded to the latest version to correct these issues.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2010-05-06 CVE Reserved
2010-07-22 CVE Published
2024-08-07 CVE Updated
2025-07-13 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-189: Numeric Errors

CAPEC

References (15)

URL	Tag	Source
http://trac.webkit.org/changeset/56380	X_refsource_confirm
http://www.vupen.com/english/advisories/2010/2722	Vdb Entry
http://www.vupen.com/english/advisories/2011/0212	Vdb Entry
http://www.vupen.com/english/advisories/2011/0552	Vdb Entry
https://bugs.webkit.org/show_bug.cgi?id=36339	X_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=596494	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html	2013-02-07
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044031.html	2013-02-07
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	2013-02-07
http://secunia.com/advisories/40557	2013-02-07
http://secunia.com/advisories/41856	2013-02-07
http://secunia.com/advisories/43068	2013-02-07
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039	2013-02-07
http://www.ubuntu.com/usn/USN-1006-1	2013-02-07
http://www.vupen.com/english/advisories/2010/1801	2013-02-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Digia Search vendor "Digia"		Qt Search vendor "Digia" for product "Qt"				<= 4.6.2 Search vendor "Digia" for product "Qt" and version " <= 4.6.2"		-		Affected
Webkit Search vendor "Webkit"		Webkit Search vendor "Webkit" for product "Webkit"				<= r56379 Search vendor "Webkit" for product "Webkit" and version " <= r56379"		-		Affected