Weekly Vulnerabilities Reports > December 20 to 26, 2010
Overview
1 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 1 high severity vulnerabilities. This weekly summary report vulnerabilities in 5 products from 4 vendors including Debian, Google, Fedoraproject, and Webkitgtk. Vulnerabilities are notably categorized as and "Type Confusion".
- 1 reported vulnerabilities are remotely exploitables.
- 1 reported vulnerabilities are exploitable by an anonymous user.
- Debian has the most reported vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|
1 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-12-22 | CVE-2010-4577 | Webkitgtk Fedoraproject Debian | Type Confusion vulnerability in multiple products The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion." | 7.5 |
0 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|
0 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|