CVE Vulnerabilities

CVE-2010-1773

Off-by-one Error

Published: Sep 24, 2010 | Modified: Aug 14, 2020
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
2.6 LOW
AV:N/AC:H/Au:N/C:P/I:N/A:N
RedHat/V3
Ubuntu

Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118.

Weakness

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

Affected Software

Name Vendor Start Version End Version
Chrome Google * *
Chromium-browser Ubuntu lucid *
Qt4-x11 Ubuntu jaunty *
Qt4-x11 Ubuntu karmic *
Qt4-x11 Ubuntu lucid *
Webkit Ubuntu hardy *
Webkit Ubuntu jaunty *
Webkit Ubuntu karmic *
Webkit Ubuntu lucid *
Webkit Ubuntu upstream *

Potential Mitigations

References