NA
CVSSv3

CVE-2010-0647

CVSSv4: NA | CVSSv3: NA | CVSSv2: 9.3 | VMScore: 1000 | EPSS: 0.07791 | KEV: Not Included
Published: 18/02/2010 Updated: 21/11/2024

Vulnerability Summary

WebKit before r53525, as used in Google Chrome prior to 4.0.249.89, allows remote malicious users to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a <ruby>><table><rt> sequence.

Vulnerable Product Search on Vulmon Subscribe to Product

apple webkit

google chrome

google chrome 0.2.149.27

google chrome 0.2.149.29

google chrome 0.2.149.30

google chrome 0.2.152.1

google chrome 0.2.153.1

google chrome 0.3.154.0

google chrome 0.3.154.3

google chrome 0.4.154.18

google chrome 0.4.154.22

google chrome 0.4.154.31

google chrome 0.4.154.33

google chrome 1.0.154.36

google chrome 1.0.154.39

google chrome 1.0.154.42

google chrome 1.0.154.43

google chrome 1.0.154.46

google chrome 1.0.154.48

google chrome 1.0.154.52

google chrome 1.0.154.53

google chrome 1.0.154.59

google chrome 1.0.154.65

google chrome 2.0.156.1

google chrome 2.0.157.0

google chrome 2.0.157.2

google chrome 2.0.158.0

google chrome 2.0.159.0

google chrome 2.0.169.0

google chrome 2.0.169.1

google chrome 2.0.170.0

google chrome 2.0.172

google chrome 2.0.172.2

google chrome 2.0.172.8

google chrome 2.0.172.27

google chrome 2.0.172.28

google chrome 2.0.172.30

google chrome 2.0.172.31

google chrome 2.0.172.33

google chrome 2.0.172.37

google chrome 2.0.172.38

google chrome 3.0.182.2

google chrome 3.0.190.2

google chrome 3.0.193.2

google chrome 3.0.195.21

google chrome 3.0.195.24

google chrome 3.0.195.32

google chrome 3.0.195.33

google chrome 4.0.244.0

References

CWE-94https://nvd.nist.govhttps://www.first.org/epsshttp://code.google.com/p/chromium/issues/detail?id=31692http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://secunia.com/advisories/38545http://secunia.com/advisories/41856http://secunia.com/advisories/43068http://securitytracker.com/id?1023583http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugshttp://trac.webkit.org/changeset/53525http://www.mandriva.com/security/advisories?name=MDVSA-2011:039http://www.osvdb.org/62317http://www.securityfocus.com/bid/38177http://www.ubuntu.com/usn/USN-1006-1http://www.vupen.com/english/advisories/2010/0361http://www.vupen.com/english/advisories/2010/2722http://www.vupen.com/english/advisories/2011/0212http://www.vupen.com/english/advisories/2011/0552https://bugs.webkit.org/show_bug.cgi?id=33266https://exchange.xforce.ibmcloud.com/vulnerabilities/56214https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14094http://code.google.com/p/chromium/issues/detail?id=31692http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://secunia.com/advisories/38545http://secunia.com/advisories/41856http://secunia.com/advisories/43068http://securitytracker.com/id?1023583http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugshttp://trac.webkit.org/changeset/53525http://www.mandriva.com/security/advisories?name=MDVSA-2011:039http://www.osvdb.org/62317http://www.securityfocus.com/bid/38177http://www.ubuntu.com/usn/USN-1006-1http://www.vupen.com/english/advisories/2010/0361http://www.vupen.com/english/advisories/2010/2722http://www.vupen.com/english/advisories/2011/0212http://www.vupen.com/english/advisories/2011/0552https://bugs.webkit.org/show_bug.cgi?id=33266https://exchange.xforce.ibmcloud.com/vulnerabilities/56214https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14094