CVE Reference: CVE-2010-2302

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2010-2302

Description:
Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771.

CVE Status:
Candidate

References:

SUSE
  http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

SAID
  Secunia Advisory: SA40072
  Secunia Advisory: SA43068

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11948

CONFIRM
  http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html
  http://code.google.com/p/chromium/issues/detail?id=44740


Return to the previous page.