CVE-2010-1823 (retired)

Priority
Description
Use-after-free vulnerability in WebKit before r65958, as used in Google
Chrome before 6.0.472.59, allows remote attackers to cause a denial of
service or possibly have unspecified other impact via vectors that trigger
use of document APIs such as document.close during parsing, as demonstrated
by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka
rdar problem 8442098.
Notes
 jdstrand> qt4-x11 unmaintained upstream (see README.webkit for details)
 jdstrand> webkit is a fork of khtml from kdelibs. kdelibs5 is farther from
  it, while qt4-x11 attempts to unify khtml and webkit.
 mdeslaur> webkitkde is a wrapper around qt4-x11's webkit.
 jdstrand> chromium-browser usually has its own CVEs for its own embedded
  webkit, but adjust it as needed
 mdeslaur> debian lists changeset 65692, but I'm not so sure
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:51:45 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)