The text-editing implementation in Google Chrome prior to 5.0.375.127, and webkitgtk prior to 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSeparatorCommand.cpp in WebCore/editing/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
webkitgtk webkitgtk |
||
canonical ubuntu linux 9.10 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 10.10 |