| Vulnerability Name: | CVE-2010-4577 (CCN-64032) | ||||||||||||||||||||||||||||
| Assigned: | 2010-12-13 | ||||||||||||||||||||||||||||
| Published: | 2010-12-13 | ||||||||||||||||||||||||||||
| Updated: | 2020-07-31 | ||||||||||||||||||||||||||||
| Summary: | The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion." | ||||||||||||||||||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||||||||||||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
2.7 Low (REDHAT Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-125 | ||||||||||||||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||||||||||
| References: | Source: CONFIRM Type: Exploit, Patch, Vendor Advisory http://code.google.com/p/chromium/issues/detail?id=63866 Source: MITRE Type: CNA CVE-2010-4577 Source: CCN Type: Google Chrome Releases Web site Stable, Beta Channel Updates Source: CONFIRM Type: Vendor Advisory http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html Source: CCN Type: DSA 2188-1 webkit security update Source: FEDORA Type: Third Party Advisory FEDORA-2011-0121 Source: CCN Type: RHSA-2011-0177 Moderate: webkitgtk security update Source: CCN Type: SA42605 Google Chrome Multiple Vulnerabilities Source: SECUNIA Type: Third Party Advisory 42648 Source: SECUNIA Type: Third Party Advisory 43086 Source: CCN Type: SA43688 Debian webkit Multiple Vulnerabilities Source: MISC Type: Patch, Third Party Advisory http://trac.webkit.org/changeset/72685 Source: MISC Type: Patch, Third Party Advisory http://trac.webkit.org/changeset/72685/trunk/WebCore/css/CSSParser.cpp Source: DEBIAN Type: Third Party Advisory DSA-2188 Source: DEBIAN Type: DSA-2188 webkit -- several vulnerabilities Source: GENTOO Type: Third Party Advisory GLSA-201012-01 Source: CCN Type: OSVDB ID: 70105 Google Chrome CSS Token Sequence Out-of-bounds Read Remote DoS Source: REDHAT Type: Third Party Advisory RHSA-2011:0177 Source: CCN Type: BID-45390 Google Chrome prior to 8.0.552.224 Multiple Security Vulnerabilities Source: BID Type: Third Party Advisory, VDB Entry 45722 Source: CCN Type: BID-45722 WebKit CSS Token Sequences Handling Denial of Service Vulnerability Source: VUPEN Type: Third Party Advisory ADV-2011-0216 Source: MISC Type: Permissions Required https://bugs.webkit.org/show_bug.cgi?id=49883 Source: CONFIRM Type: Issue Tracking, Third Party Advisory https://bugzilla.redhat.com/show_bug.cgi?id=667025 Source: XF Type: UNKNOWN chrome-css-dos(64032) Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:13953 | ||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration 3: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||