Bug#532718: libqt4-webkit: CVE-2009-0945: Array index error in the insertItemBefore method in WebKit

To: submit@bugs.debian.org
Subject: Bug#532718: libqt4-webkit: CVE-2009-0945: Array index error in the insertItemBefore method in WebKit
From: Luciano Bello <luciano@debian.org>
Date: Wed, 10 Jun 2009 18:57:47 -0300
Message-id: <[🔎] 200906101857.53439.luciano@debian.org>
Reply-to: Luciano Bello <luciano@debian.org>, 532718@bugs.debian.org

Package: libqt4-webkit
Version: 4.5.1-2
Severity: grave
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for libqt4-webkit.

CVE-2009-0945[0]:
| Array index error in the insertItemBefore method in WebKit, as used in
| Safari before 3.2.3 and 4 Public Beta, Google Chrome Stable before
| 1.0.154.65, and possibly other products allows remote attackers to
| execute arbitrary code via a document with a SVGPathList data
| structure containing a negative index in the (1) SVGTransformList, (2)
| SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5)
| SVGPointList, or (6) SVGLengthList SVGList object, which triggers
| memory corruption.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945
    http://security-tracker.debian.net/tracker/CVE-2009-0945

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

Prev by Date: Bug#532512: libqt4-assistant: please provide 32bit variant of libQtAssistantClient.so.4 on amd64
Next by Date: Bug#532716: Lokalize glosarry does not show words
Previous by thread: Bug#527317: seems to be fixed
Next by thread: Bug#532716: Lokalize glosarry does not show words
Index(es):
- Date
- Thread