package: webkit version: 1.0.1-4 Hi,
The following CVE (Common Vulnerabilities & Exposures) ids were published for chrome or safari. I tested the proof of concepts against webkit 1.2.0 (epiphany), and they were effective. I've submitted a bug upstream [3], which is likely private right now since that is the only way to submit a security bug to them. I've asked them to unhide it. Both stable and unstable are affected. CVE-2009-1514[0]: | Google Chrome 1.0.154.53 allows remote attackers to cause a denial of | service (NULL pointer dereference and application crash) via a throw | statement with a long exception value. CVE-2010-1180[1]: | Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers | to cause a denial of service (application crash) or possibly execute | arbitrary code via a long exception string in a throw statement, | possibly a related issue to CVE-2009-1514. CVE-2010-1181[2]: | Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers | to cause a denial of service (application crash) or possibly execute | arbitrary code via a long string in a MARQUEE element. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1514 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1180 [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1181 [3] https://bugs.webkit.org/show_bug.cgi?id=38067 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
