Candidate: CVE-2010-1822
PublicDate: 2010-10-04 21:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1822
 http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html
Description:
 WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and
 Google Chrome before 6.0.472.62, does not properly perform a cast of an
 unspecified variable, which allows remote attackers to execute arbitrary
 code or cause a denial of service (application crash) via an SVG element in
 a non-SVG document.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.webkit.org/show_bug.cgi?id=45562
 http://code.google.com/p/chromium/issues/detail?id=55114
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]

Patches_chromium-browser:
upstream_chromium-browser: released (6.0.472.62)
dapper_chromium-browser: DNE
hardy_chromium-browser: DNE
jaunty_chromium-browser: DNE
karmic_chromium-browser: DNE
lucid_chromium-browser: not-affected (6.0.472.62~r59676-0ubuntu0.10.04.1)
devel_chromium-browser: not-affected (6.0.472.63~r59945-0ubuntu2)