Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 01:25
Type | Values Removed | Values Added |
---|---|---|
References | () http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 - | |
References | () http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html - | |
References | () http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html - | |
References | () http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html - | |
References | () http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html - | |
References | () http://osvdb.org/71182 - | |
References | () http://secunia.com/advisories/43735 - Vendor Advisory | |
References | () http://secunia.com/advisories/43748 - Vendor Advisory | |
References | () http://secunia.com/advisories/43782 - Vendor Advisory | |
References | () http://secunia.com/advisories/44151 - Vendor Advisory | |
References | () http://secunia.com/advisories/44154 - Vendor Advisory | |
References | () http://support.apple.com/kb/HT4596 - | |
References | () http://support.apple.com/kb/HT4607 - | |
References | () http://www.blackberry.com/btsc/KB26132 - | |
References | () http://www.debian.org/security/2011/dsa-2192 - | |
References | () http://www.securityfocus.com/archive/1/517513/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/46849 - | |
References | () http://www.securitytracker.com/id?1025212 - | |
References | () http://www.vupen.com/english/advisories/2011/0645 - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2011/0654 - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2011/0671 - | |
References | () http://www.vupen.com/english/advisories/2011/0984 - Vendor Advisory | |
References | () http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401 - | |
References | () http://www.zerodayinitiative.com/advisories/ZDI-11-104 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/66052 - |
Information
Published : 2011-03-11 21:57
Updated : 2024-11-21 01:25
NVD link : CVE-2011-1290
Mitre link : CVE-2011-1290
CVE.ORG link : CVE-2011-1290
JSON object : View
Products Affected
apple
- webkit
rim
- blackberry_torch_9800_firmware
- blackberry_torch_9800
CWE
CWE-189
Numeric Errors