← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59

Candidate: CVE-2010-1790
PublicDate: 2010-07-30
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1790
 http://www.ubuntu.com/usn/usn-1006-1
Description:
 WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and
 Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6;
 does not properly handle just-in-time (JIT) compiled JavaScript stubs,
 which allows remote attackers to execute arbitrary code or cause a denial
 of service (application crash) via a crafted HTML document, related to a
 "reentrancy issue."
Ubuntu-Description:
Notes:
 jdstrand> qt4-x11 unmaintained upstream (see README.webkit for details)
 jdstrand> webkit is a fork of khtml from kdelibs. kdelibs5 is farther from
  it, while qt4-x11 attempts to unify khtml and webkit.
 mdeslaur> webkitkde is a wrapper around qt4-x11's webkit.
Bugs:
Priority: medium
Discovered-by:
Assigned-to: micahg

Patches_webkit:
upstream_webkit: released (1.2.4)
dapper_webkit: DNE
hardy_webkit: ignored (reached end-of-life)
jaunty_webkit: ignored (reached end-of-life)
karmic_webkit: released (1.2.5-0ubuntu0.9.10.1)
lucid_webkit: released (1.2.5-0ubuntu0.10.04.1)
maverick_webkit: not-affected (1.2.4-1ubuntu1)
natty_webkit: not-affected (1.2.4-1ubuntu1)
oneiric_webkit: not-affected (1.2.4-1ubuntu1)
devel_webkit: not-affected (1.2.4-1ubuntu1)

Patches_qt4-x11:
upstream_qt4-x11: needs-triage
dapper_qt4-x11: not-affected (no webkit)
hardy_qt4-x11: not-affected (no webkit)
jaunty_qt4-x11: ignored (reached end-of-life)
karmic_qt4-x11: ignored (reached end-of-life)
lucid_qt4-x11: ignored (see notes)
maverick_qt4-x11: not-affected (webkit isn't built)
natty_qt4-x11: not-affected (webkit isn't built)
oneiric_qt4-x11: not-affected (webkit isn't built)
devel_qt4-x11: not-affected (webkit isn't built)

Patches_chromium-browser:
upstream_chromium-browser: needs-triage
dapper_chromium-browser: DNE
hardy_chromium-browser: DNE
jaunty_chromium-browser: DNE
karmic_chromium-browser: DNE
lucid_chromium-browser: ignored (uses its own embedded webkit)
maverick_chromium-browser: ignored (uses its own embedded webkit)
natty_chromium-browser: ignored (uses its own embedded webkit)
oneiric_chromium-browser: ignored (uses its own embedded webkit)
devel_chromium-browser: ignored (uses its own embedded webkit)