Candidate: CVE-2010-1773 PublicDate: 2010-09-24 19:00:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1773 https://ubuntu.com/security/notices/USN-1006-1 Description: Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118. Ubuntu-Description: Notes: jdstrand> qt4-x11 unmaintained upstream (see README.webkit for details) jdstrand> webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit. mdeslaur> webkitkde is a wrapper around qt4-x11's webkit. jdstrand> chromium-browser usually has its own CVEs for its own embedded webkit, but adjust it as needed Bugs: Priority: medium Discovered-by: Assigned-to: micahg CVSS: nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH] Patches_webkit: upstream_webkit: released (1.2.3) dapper_webkit: DNE hardy_webkit: ignored (reached end-of-life) jaunty_webkit: ignored (reached end-of-life) karmic_webkit: released (1.2.5-0ubuntu0.9.10.1) lucid_webkit: released (1.2.5-0ubuntu0.10.04.1) maverick_webkit: not-affected (1.2.4-1ubuntu1) natty_webkit: not-affected (1.2.4-1ubuntu1) oneiric_webkit: not-affected (1.2.4-1ubuntu1) devel_webkit: not-affected (1.2.4-1ubuntu1) Patches_qt4-x11: upstream_qt4-x11: needs-triage dapper_qt4-x11: not-affected (no webkit) hardy_qt4-x11: not-affected (no webkit) jaunty_qt4-x11: ignored (reached end-of-life) karmic_qt4-x11: ignored (reached end-of-life) lucid_qt4-x11: ignored (see notes) maverick_qt4-x11: not-affected (4:4.7.0-0ubuntu2) natty_qt4-x11: not-affected (4:4.7.0-0ubuntu2) oneiric_qt4-x11: not-affected (4:4.7.0-0ubuntu2) devel_qt4-x11: not-affected (4:4.7.0-0ubuntu2) Patches_chromium-browser: upstream_chromium-browser: needs-triage dapper_chromium-browser: DNE hardy_chromium-browser: DNE jaunty_chromium-browser: DNE karmic_chromium-browser: DNE lucid_chromium-browser: released (6.0.472.62~r59676-0ubuntu0.10.04.1) maverick_chromium-browser: not-affected (6.0.472.63~r59945-0ubuntu1) natty_chromium-browser: not-affected (6.0.472.63~r59945-0ubuntu1) oneiric_chromium-browser: not-affected (6.0.472.63~r59945-0ubuntu1) devel_chromium-browser: not-affected (6.0.472.63~r59945-0ubuntu1)