Bug 568184 (CVE-2010-0051, CVE-2010-0651)
Summary: | CVE-2010-0651 webkit: remote information disclosure | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | jreznik |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0651 | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2021-10-19 09:10:33 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Vincent Danen
2010-02-24 23:12:21 UTC
See bug #568231 for the bug filed for Firefox (CVE-2010-0654). The original report for this: http://scarybeastsecurity.blogspot.com/2009/12/generic-cross-browser-cross-domain.html and an upstream WebKit bug report (currently not public): https://bugs.webkit.org/show_bug.cgi?id=29820 This has been addressed in Qt via: qt-4.6.2-8.fc12, qt-4.6.2-8.fc11, and qt-4.6.2-8.fc13 (see bug #570349). Not sure when this was addressed in webkitgtk, but looking at the files in 1.2.0, this is corrected there. This means that Fedora 11 and 12 may still be problematic, but rawhide has 1.2.0 in it. Adding CVE-2010-0051 as another bug alias based on: https://bugzilla.redhat.com/show_bug.cgi?id=570349#c3 |