Integer Overflow in Text::wholeText Method in WebKit

Integer Overflow in Text::wholeText Method in WebKit

CVE-2010-3812 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Text objects.

Learn more about our Web App Pen Testing.