CVE-2010-1029
CVE-2010-1029
Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences.
Affected products
n/a · n/apublic PoCs found — 4
cve_referencewww.exploit-db.com/exploits/11567unverifiedcve_referencewww.exploit-db.com/exploits/11574unverifiedexploitdbwww.exploit-db.com/exploits/11574unverifiedexploitdbwww.exploit-db.com/exploits/11567unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://secunia.com/advisories/43068https://exchange.xforce.ibmcloud.com/vulnerabilities/56524https://exchange.xforce.ibmcloud.com/vulnerabilities/56527https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14301http://www.exploit-db.com/exploits/11567http://www.exploit-db.com/exploits/11574http://www.securityfocus.com/bid/38398http://www.vupen.com/english/advisories/2011/0212