CVE-2010-0651
Publication date 18 February 2010
Last updated 24 July 2024
Ubuntu priority
WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.
Status
Package | Ubuntu Release | Status |
---|---|---|
chromium-browser | ||
qt4-x11 | ||
webkit | ||
Notes
jdstrand
qt4-x11 unmaintained upstream (see README.webkit for details) webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit.
mdeslaur
webkitkde is a wrapper around qt4-x11's webkit. code in webkit in hardy-karmic is different, need to test