The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome prior to 8.0.552.224, Chrome OS prior to 8.0.552.343, webkitgtk prior to 1.2.6, and other products, does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."
Vulnerable Product |
---|
webkitgtk webkitgtk |
google chrome os |
google chrome |
fedoraproject fedora 13 |
debian debian linux 7.0 |
debian debian linux 6.0 |