CVE-2010-1749

Publication date 11 June 2010

Last updated 24 July 2024


Ubuntu priority

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Cascading Style Sheets (CSS) run-in property and multiple invocations of a destructor for a child element that has been referenced multiple times.

Read the notes from the security team

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
chromium-browser 10.10 maverick Ignored end of life
10.04 LTS lucid Ignored end of life
9.10 karmic Not in release
9.04 jaunty Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release
qt4-x11 10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Not affected
8.04 LTS hardy
Not affected
6.06 LTS dapper
Not affected
webkit 10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Not affected
8.04 LTS hardy
Not affected
6.06 LTS dapper Not in release

Notes


jdstrand

webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit.


mdeslaur

webkitkde is a wrapper around qt4-x11’s webkit. mac-specific

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
webkit