An input validation issue exists in WebKit's handling of floating point data types. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved validation of floating point values. Credit to Luke Wagner of Mozilla for reporting this issue.
This is now public:
This issue has been corrected in WebKitGTK 1.2.5.
Created webkitgtk tracking bugs for this issue
Affects: fedora-all [bug 640382]
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2011:0177 https://rhn.redhat.com/errata/RHSA-2011-0177.html