CVEブラウザに戻る

CVE-2010-3114

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0330%

EPSS Percentile40.84th

Published2010年8月24日

Last Modified2026年4月29日

Vulnerability Description

The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSeparatorCommand.cpp in WebCore/editing/.

Affected Platforms (CPE)

📦

Google

Chrome

< 5.0.375.127

📦

Webkitgtk

Webkitgtk

< 1.2.6

💻

Canonical

Ubuntu Linux

= 9.10

💻

Canonical

Ubuntu Linux

= 10.04

💻

Canonical

Ubuntu Linux

= 10.10

References & Advisories

🔗 http://code.google.com/p/chromium/issues/detail?id=49628

🔗 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html

🔗 http://secunia.com/advisories/41856

🔗 http://secunia.com/advisories/43086

🔗 http://trac.webkit.org/changeset/63773

🔗 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039

🔗 http://www.redhat.com/support/errata/RHSA-2011-0177.html

🔗 http://www.securityfocus.com/bid/44201

関連する脆弱性情報

CVE-2004-076410.0

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "c...

CVE-2009-247110.0

The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers...

CVE-2021-3397010.0

Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate priveleges.

CVE-2009-266510.0

The nsDocument::SetScriptGlobalObject function in content/base/src/nsDocument.cpp in Mozilla Firefox 3.5.x before 3.5.2, when cert...