CVE-2011-1290 Information
Description
Integer overflow in WebKit as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246 in Google Chrome before 10.0.648.133 and in Apple Safari before 5.0.5 allows remote attackers to execute arbitrary code via unknown vectors related to CSS \style handling\ nodesets and a length value as demonstrated by Vincenzo Iozzo Willem Pinckaers and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.
Reference
http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html http://osvdb.org/71182 http://secunia.com/advisories/43735 http://secunia.com/advisories/43748 http://secunia.com/advisories/43782 http://secunia.com/advisories/44151 http://secunia.com/advisories/44154 http://support.apple.com/kb/HT4596 http://support.apple.com/kb/HT4607 http://www.blackberry.com/btsc/KB26132 http://www.debian.org/security/2011/dsa-2192 http://www.securityfocus.com/archive/1/517513/100/0/threaded http://www.securityfocus.com/bid/46849 http://www.securitytracker.com/id?1025212 http://www.vupen.com/english/advisories/2011/0645 http://www.vupen.com/english/advisories/2011/0654 http://www.vupen.com/english/advisories/2011/0671 http://www.vupen.com/english/advisories/2011/0984 http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401 http://www.zerodayinitiative.com/advisories/ZDI-11-104 https://exchange.xforce.ibmcloud.com/vulnerabilities/66052
Share on: