CVE-2010-1774

Priority
Medium
Description
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and
Windows, and before 4.1 on Mac OS X 10.4, accesses out-of-bounds memory
during processing of HTML tables, which allows remote attackers to execute
arbitrary code or cause a denial of service (application crash) via a
crafted HTML document.
References
Bugs
Notes
jdstrand> qt4-x11 unmaintained upstream (see README.webkit for details)
jdstrand> webkit is a fork of khtml from kdelibs. kdelibs5 is farther from
it, while qt4-x11 attempts to unify khtml and webkit.
mdeslaur> webkitkde is a wrapper around qt4-x11's webkit.
Assigned-to
micahg
Package
Upstream:released (1.2.3)
Ubuntu 8.04 LTS (Hardy Heron):ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):released (1.2.5-0ubuntu0.10.04.1)
Ubuntu 11.04 (Natty Narwhal):not-affected (1.2.4-1ubuntu1)
Ubuntu 11.10 (Oneiric Ocelot):not-affected (1.2.4-1ubuntu1)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (1.2.4-1ubuntu1)
Patches:
Upstream:http://trac.webkit.org/changeset/59495
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):not-affected (no webkit)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (see notes)
Ubuntu 11.04 (Natty Narwhal):not-affected (webkit isn't built)
Ubuntu 11.10 (Oneiric Ocelot):not-affected (webkit isn't built)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (webkit isn't built)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):ignored (uses its own embedded webkit)
Ubuntu 11.04 (Natty Narwhal):ignored (uses its own embedded webkit)
Ubuntu 11.10 (Oneiric Ocelot):ignored (uses its own embedded webkit)
Ubuntu 12.04 LTS (Precise Pangolin):ignored (uses its own embedded webkit)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:20:59 UTC (commit 5347)