CVE-2010-1029 (retired)

Priority
Description
Stack consumption vulnerability in the WebCore::CSSSelector function in
WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone
OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to
cause a denial of service (application crash) or possibly execute arbitrary
code via a STYLE element composed of a large number of *> sequences.
Notes
 jdstrand> webkit is a fork of khtml from kdelibs. kdelibs5 is farther from
  it, while qt4-x11 attempts to unify khtml and webkit.
 mdeslaur> webkitkde is a wrapper around qt4-x11's webkit.
 mdeslaur> looks like it was safari only
Package
Upstream:needs-triage
Package
Upstream:not-affected
Package
Upstream:not-affected
More Information

Updated: 2019-03-26 11:51:01 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)