Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
FreeBSD Ports: webkit-gtk2
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Insight
Insight
The following package is affected: webkit-gtk2 CVE-2010-2901 The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. CVE-2010-4040 Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image. CVE-2010-4042 Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to 'stale elements.' CVE-2010-4199 Google Chrome before 7.0.517.44 does not properly perform a cast of an unspecified variable during processing of an SVG use element, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SVG document. CVE-2010-4492 Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations. CVE-2010-4493 Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service via vectors related to the handling of mouse dragging events. CVE-2010-4578 Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to 'stale pointers.' CVE-2011-0482 Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. CVE-2011-0778 Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectors.
Solution
Solution
Update your system with the appropriate patches or software upgrades.
Common Vulnerabilities and Exposures (CVE)
References
- https://bugs.webkit.org/show_bug.cgi?id=48328
- https://bugs.webkit.org/show_bug.cgi?id=50710
- https://bugs.webkit.org/show_bug.cgi?id=50840
- https://bugs.webkit.org/show_bug.cgi?id=50932
- https://bugs.webkit.org/show_bug.cgi?id=51993
- https://bugs.webkit.org/show_bug.cgi?id=53265
- https://bugs.webkit.org/show_bug.cgi?id=53276
- http://permalink.gmane.org/gmane.os.opendarwin.webkit.gtk/405
- http://www.vuxml.org/freebsd/35ecdcbe-3501-11e0-afcd-0015f2db7bde.html