Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Text objects.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Safari | Apple | * | 5.0.2 (including) |
Safari | Apple | 5.0 (including) | 5.0 (including) |
Safari | Apple | 5.0.1 (including) | 5.0.1 (including) |
Webkit | Apple | * | * |