Secunia
Login
|
|
CVE Reference: CVE-2010-1766 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2010-1766 |
|
|
Description: Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an upgrade header that is long and invalid. |
|
|
CVE Status: Candidate |
|
|
References: UBUNTU http://www.ubuntu.com/usn/USN-1006-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html SAID Secunia Advisory: SA43068 Secunia Advisory: SA40557 Secunia Advisory: SA41856 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044031.html http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html CONFIRM http://trac.webkit.org/changeset/56380 |
|
| Return to the previous page. |
