返回 CVE 瀏覽器

CVE-2011-1290

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0170%

EPSS Percentile27.60th

Published2011年3月11日

Last Modified2026年4月29日

Vulnerability Description

Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.

Affected Platforms (CPE)

📦

Apple

Webkit

All versions

📦

Rim

Blackberry Torch 9800 Firmware

= 6.0.0.246

🔌

Rim

Blackberry Torch 9800

All versions

References & Advisories

🔗 http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011

🔗 http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html

🔗 http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html

🔗 http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html

🔗 http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html

🔗 http://osvdb.org/71182

🔗 http://secunia.com/advisories/43735

🔗 http://secunia.com/advisories/43748

相關漏洞威脅

CVE-2010-111910.0

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on ...

CVE-2010-123310.0

Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors i...

CVE-2020-1375310.0

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOC...

CVE-2010-230010.0

Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome...