CVE-2010-4577

Priority
Description
The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in
WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before
8.0.552.343, webkitgtk before 1.2.6, and other products does not properly
parse Cascading Style Sheets (CSS) token sequences, which allows remote
attackers to cause a denial of service (out-of-bounds read) via a crafted
local font, related to "Type Confusion."
Assigned-to
fta
Notes
Package
Upstream:released (8.0.552.224)
Package
Upstream:released (1.2.6)
More Information

Updated: 2019-12-05 20:56:06 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)