eSikker.dk

Sårbarhed Detalje Syn
Legend : critical high medium low other
id 52620
Risiko other
Familie Debian Local Security Checks
Kategori infos
Navn [DSA2188] DSA-2188-1 webkit
Sammenfatning DSA-2188-1 webkit
Beskrivelse
Synopsis :

The remote host is missing the DSA-2188 security update

Description :

Several vulnerabilities have been discovered in WebKit, a Web content engine
library for GTK+. The Common Vulnerabilities and Exposures project identifies
the following problems:
CVE-2010-1783
WebKit does not properly handle dynamic modification of a text node, which
allows remote attackers to execute arbitrary code or cause a denial of service
(memory corruption and application crash) via a crafted HTML
document.
CVE-2010-2901
The rendering implementation in WebKit allows remote attackers to cause a
denial of service (memory corruption) or possibly have unspecified other
impact via unknown vectors.
CVE-2010-4199
WebKit does not properly perform a cast of an unspecified variable during
processing of an SVG element, which allows remote attackers to cause a
denial of service or possibly have unspecified other impact via a crafted SVG
document.
CVE-2010-4040
WebKit does not properly handle animated GIF images, which allows remote
attackers to cause a denial of service (memory corruption) or possibly have
unspecified other impact via a crafted image.
CVE-2010-4492
Use-after-free vulnerability in WebKit allows remote attackers to cause a
denial of service or possibly have unspecified other impact via vectors
involving SVG animations.
CVE-2010-4493
Use-after-free vulnerability in WebKit allows remote attackers to cause a
denial of service via vectors related to the handling of mouse dragging
events.
CVE-2010-4577
The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in
WebKit does not properly parse Cascading Style Sheets (CSS) token sequences,
which allows remote attackers to cause a denial of service (out-of-bounds
read) via a crafted local font, related to Type Confusion.
CVE-2010-4578
WebKit does not properly perform cursor handling, which allows remote
attackers to cause a denial of service or possibly have unspecified other
impact via unknown vectors that lead to stale pointers.
CVE-2011-0482
WebKit does not properly perform a cast of an unspecified variable during
handling of anchors, which allows remote attackers to cause a denial of
service or possibly have unspecified other impact via a crafted HTML
document.
CVE-2011-0778
WebKit does not properly restrict drag and drop operations, which might
allow remote attackers to bypass the Same Origin Policy via unspecified
vectors.
For the stable distribution (squeeze), these problems have been fixed
in version 1.2.7-0+squeeze1.

See also :

http://www.debian.org/security/2011/dsa-2188

Solution :

The Debian project recommends that you upgrade your webkit packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE CVE-2010-0474,CVE-2010-1783,CVE-2010-2901,CVE-2010-4040,CVE-2010-4199,CVE-2010-4492,CVE-2010-4493,CVE-2010-4577,CVE-2010-4578,CVE-2011-0482,CVE-2011-0778
Bugtraq NOBID
Copyright (C) 2011 Tenable Network Security, Inc.