WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document.
The software does not correctly convert an object, resource, or structure from one type to a different type.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Safari | Apple | * | * |
Safari | Apple | 5.0 | * |
Chrome | * | * | |
Chromium-browser | Ubuntu | upstream | * |