Oval Definition:oval:org.opensuse.security:def:20101236
Revision Date:2015-11-16Version:1
Title:CVE-2010-1236
Description:
The protocolIs function in platform/KURLGoogle.cpp in WebCore in WebKit before r55822, as used in Google Chrome before 4.1.249.1036 and Flock Browser 3.x before 3.0.0.4112, does not properly handle whitespace at the beginning of a URL, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted javascript: URL, as demonstrated by a \x00javascript:alert sequence.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2010-1236
Platform(s):openSUSE 11.2
openSUSE 11.3
Product(s):
Definition Synopsis
  • Release Information
  • suse112 is installed
  • AND
  • libwebkit-1_0-2 less than 1.2.6-0.5.1
  • OR libwebkit-devel less than 1.2.6-0.5.1
  • OR libwebkit-lang less than 1.2.6-0.5.1
  • OR webkit-jsc less than 1.2.6-0.5.1
  • OR Package Information
  • suse113 is installed
  • AND
  • libwebkit-1_0-2-32bit less than 1.2.6-0.2.1
  • OR libwebkit-1_0-2 less than 1.2.6-0.2.1
  • OR libwebkit-devel less than 1.2.6-0.2.1
  • OR libwebkit-lang less than 1.2.6-0.2.1
  • OR webkit-jsc less than 1.2.6-0.2.1
    • BACK