製品・ソフトウェアに関する情報

JVN脆弱性詳細

WebKit の WebCore 内にある toAlphabetic 関数における一つずれ (off-by-one) エラーの脆弱性

Title	WebKit の WebCore 内にある toAlphabetic 関数における一つずれ (off-by-one) エラーの脆弱性
Summary	Google Chrome にて使用される WebKit の WebCore 内にある rendering/RenderListMarker.cpp の toAlphabetic 関数には、HTML のリストマーカに関する処理に不備があるため、一つずれ (Off-by-one) エラーの脆弱性が存在します。
Possible impacts	第三者により、重要な情報を取得される、またはサービス運用妨害 (DoS) 状態にされる、あるいは任意のコードを実行される可能性があります。
Solution	ベンダ情報及び参考情報を参照して適切な対策を実施してください。
Publication Date	June 8, 2010, midnight
Registration Date	Jan. 26, 2011, 12:59 p.m.
Last Update	Jan. 26, 2011, 12:59 p.m.

CVSS2.0 : 危険
Score	9.3
Vector	AV:N/AC:M/Au:N/C:C/I:C/A:C

Affected System

Google

Google Chrome 5.0.375.70 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-1773	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1773
National Vulnerability Database (NVD)
2	CVE-2010-1773	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1773

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-189	https://jvndb.jvn.jp/ja/cwe/CWE-189.html

ベンダー情報

No	Name	URL
Google
1	Google Chrome	http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja&hl=ja
2	stable-channel-update	http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html

Change Log

No	Changed Details	Date of change
0	[2011年01月26日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2010-1773

Summary	Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118.
Publication Date	Sept. 25, 2010, 4 a.m.
Registration Date	Jan. 29, 2021, 11:01 a.m.
Last Update	Nov. 21, 2024, 10:15 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:google:chrome::::::::					5.0.375.70

Configuration2		or higher	or less	more than	less than
cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::

Configuration4	or higher	or less	more than	less than
cpe:2.3:o:opensuse:opensuse:11.2:::::::*
cpe:2.3:o:opensuse:opensuse:11.3:::::::*

Configuration5	or higher	or less	more than	less than
cpe:2.3:o:fedoraproject:fedora:13:::::::*
cpe:2.3:o:fedoraproject:fedora:12:::::::*

Related information, measures and tools

No	URL	タグ
1	http://code.google.com/p/chromium/issues/detail?id=44955	Mailing List Vendor Advisory
2	http://code.google.com/p/chromium/issues/detail?id=44955	Mailing List Vendor Advisory
3	http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html	Release Notes Vendor Advisory
4	http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html	Release Notes Vendor Advisory
5	http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html	Mailing List Third Party Advisory
6	http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html	Mailing List Third Party Advisory
7	http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044031.html	Mailing List Third Party Advisory
8	http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044031.html	Mailing List Third Party Advisory
9	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	Mailing List Third Party Advisory
10	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	Mailing List Third Party Advisory
11	http://secunia.com/advisories/40072	Broken Link
12	http://secunia.com/advisories/40072	Broken Link
13	http://secunia.com/advisories/40557	Broken Link
14	http://secunia.com/advisories/40557	Broken Link
15	http://secunia.com/advisories/41856	Broken Link
16	http://secunia.com/advisories/41856	Broken Link
17	http://secunia.com/advisories/43068	Broken Link
18	http://secunia.com/advisories/43068	Broken Link
19	http://trac.webkit.org/changeset/59950	Mailing List Patch Vendor Advisory
20	http://trac.webkit.org/changeset/59950	Mailing List Patch Vendor Advisory
21	http://www.mandriva.com/security/advisories?name=MDVSA-2011:039	Broken Link
22	http://www.mandriva.com/security/advisories?name=MDVSA-2011:039	Broken Link
23	http://www.securityfocus.com/bid/41575	Third Party Advisory VDB Entry
24	http://www.securityfocus.com/bid/41575	Third Party Advisory VDB Entry
25	http://www.ubuntu.com/usn/USN-1006-1	Third Party Advisory
26	http://www.ubuntu.com/usn/USN-1006-1	Third Party Advisory
27	http://www.vupen.com/english/advisories/2010/1801	Broken Link
28	http://www.vupen.com/english/advisories/2010/1801	Broken Link
29	http://www.vupen.com/english/advisories/2010/2722	Broken Link
30	http://www.vupen.com/english/advisories/2010/2722	Broken Link
31	http://www.vupen.com/english/advisories/2011/0212	Broken Link
32	http://www.vupen.com/english/advisories/2011/0212	Broken Link
33	http://www.vupen.com/english/advisories/2011/0552	Broken Link
34	http://www.vupen.com/english/advisories/2011/0552	Broken Link
35	https://bugs.webkit.org/show_bug.cgi?id=39508	Permissions Required Vendor Advisory
36	https://bugs.webkit.org/show_bug.cgi?id=39508	Permissions Required Vendor Advisory
37	https://bugzilla.redhat.com/show_bug.cgi?id=596500	Issue Tracking Third Party Advisory
38	https://bugzilla.redhat.com/show_bug.cgi?id=596500	Issue Tracking Third Party Advisory
39	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11830	Third Party Advisory
40	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11830	Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-193	境界条件の判定	https://cwe.mitre.org/data/definitions/193.html