CVE-2010-3113
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
24/08/2010
Last modified:
04/08/2020
Description
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonController.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | 5.0.375.127 (excluding) | |
cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:* | 1.2.5 (excluding) | |
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:* | ||
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:* | ||
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=628032
- http://code.google.com/p/chromium/issues/detail?id=49596
- http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
- http://secunia.com/advisories/41856
- http://secunia.com/advisories/43086
- http://trac.webkit.org/changeset/63865
- http://www.mandriva.com/security/advisories?name=MDVSA-2011%3A039
- http://www.redhat.com/support/errata/RHSA-2011-0177.html
- http://www.securityfocus.com/bid/44199
- http://www.ubuntu.com/usn/USN-1006-1
- http://www.vupen.com/english/advisories/2010/2722
- http://www.vupen.com/english/advisories/2011/0216
- http://www.vupen.com/english/advisories/2011/0552
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11901