CVE-2010-1766

Impact:
Critical
Public Date:
2010-06-07
CWE:
CWE-193
Bugzilla:
596494: CVE-2010-1766 WebKit: off-by-one memory corruption flaw WebSocketHandshake::readServerHandshake()

The MITRE CVE dictionary describes this issue as:

Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an upgrade header that is long and invalid.

Find out more about CVE-2010-1766 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score 6.8
Base Metrics AV:N/AC:M/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 qt Will not fix
Red Hat Enterprise Linux 6 webkitgtk Not affected

Acknowledgements

Red Hat would like to thank Drew Yao of Apple Product Security for responsibly reporting this issue. Upstream acknowledges Skylined of Google Chrome Security Team as the original reporter.
Last Modified

CVE description copyright © 2017, The MITRE Corporation