An input validation issue exists in WebKit's handling of floating point data types. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved validation of floating point values. Credit to Luke Wagner of Mozilla for reporting this issue. References: https://bugs.webkit.org/show_bug.cgi?id=43461 http://trac.webkit.org/changeset/64706
This is now public: http://support.apple.com/kb/HT4333
This issue has been corrected in WebKitGTK 1.2.5.
Created webkitgtk tracking bugs for this issue Affects: fedora-all [bug 640382]
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:0177 https://rhn.redhat.com/errata/RHSA-2011-0177.html