ID CVE-2011-1290
Summary Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.
References
Vulnerable Configurations
  • cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
  • cpe:2.3:a:rim:blackberry_torch_9800_firmware:6.0.0.246:*:*:*:*:*:*:*
  • cpe:2.3:h:rim:blackberry_torch_9800:*:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 09-10-2018 - 19:30)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
apple
  • APPLE-SA-2011-04-14-1
  • APPLE-SA-2011-04-14-2
  • APPLE-SA-2011-04-14-3
bid 46849
bugtraq 20110414 ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability
confirm
debian DSA-2192
misc
osvdb 71182
sectrack 1025212
secunia
  • 43735
  • 43748
  • 43782
  • 44151
  • 44154
vupen
  • ADV-2011-0645
  • ADV-2011-0654
  • ADV-2011-0671
  • ADV-2011-0984
xf google-webkit-style-code-execution(66052)
Last major update 09-10-2018 - 19:30
Published 11-03-2011 - 21:57
Last modified 09-10-2018 - 19:30