Vulnerability Details CVE-2010-1766
Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an upgrade header that is long and invalid.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 84.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044031.html
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
- http://secunia.com/advisories/40557
- http://secunia.com/advisories/41856
- http://secunia.com/advisories/43068
- http://trac.webkit.org/changeset/56380
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
- http://www.ubuntu.com/usn/USN-1006-1
- http://www.vupen.com/english/advisories/2010/1801
- http://www.vupen.com/english/advisories/2010/2722
- http://www.vupen.com/english/advisories/2011/0212
- http://www.vupen.com/english/advisories/2011/0552
- https://bugs.webkit.org/show_bug.cgi?id=36339
- https://bugzilla.redhat.com/show_bug.cgi?id=596494
- http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044031.html
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
- http://secunia.com/advisories/40557
- http://secunia.com/advisories/41856
- http://secunia.com/advisories/43068
- http://trac.webkit.org/changeset/56380
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
- http://www.ubuntu.com/usn/USN-1006-1
- http://www.vupen.com/english/advisories/2010/1801
- http://www.vupen.com/english/advisories/2010/2722
- http://www.vupen.com/english/advisories/2011/0212
- http://www.vupen.com/english/advisories/2011/0552
- https://bugs.webkit.org/show_bug.cgi?id=36339
- https://bugzilla.redhat.com/show_bug.cgi?id=596494
Products affected by CVE-2010-1766
-
cpe:2.3:a:digia:qt:1.41
-
cpe:2.3:a:digia:qt:1.42
-
cpe:2.3:a:digia:qt:1.43
-
cpe:2.3:a:digia:qt:1.44
-
cpe:2.3:a:digia:qt:1.45
-
cpe:2.3:a:digia:qt:2.0.0
-
cpe:2.3:a:digia:qt:2.0.1
-
cpe:2.3:a:digia:qt:2.0.2
-
cpe:2.3:a:digia:qt:3.3.0
-
cpe:2.3:a:digia:qt:3.3.1
-
cpe:2.3:a:digia:qt:3.3.2
-
cpe:2.3:a:digia:qt:3.3.3
-
cpe:2.3:a:digia:qt:3.3.4
-
cpe:2.3:a:digia:qt:3.3.5
-
cpe:2.3:a:digia:qt:3.3.6
-
cpe:2.3:a:digia:qt:4.0.0
-
cpe:2.3:a:digia:qt:4.0.1
-
cpe:2.3:a:digia:qt:4.1.0
-
cpe:2.3:a:digia:qt:4.1.1
-
cpe:2.3:a:digia:qt:4.1.2
-
cpe:2.3:a:digia:qt:4.1.3
-
cpe:2.3:a:digia:qt:4.1.4
-
cpe:2.3:a:digia:qt:4.1.5
-
cpe:2.3:a:digia:qt:4.2
-
cpe:2.3:a:digia:qt:4.2.0
-
cpe:2.3:a:digia:qt:4.2.1
-
cpe:2.3:a:digia:qt:4.2.3
-
cpe:2.3:a:digia:qt:4.3.0
-
cpe:2.3:a:digia:qt:4.3.1
-
cpe:2.3:a:digia:qt:4.3.2
-
cpe:2.3:a:digia:qt:4.3.3
-
cpe:2.3:a:digia:qt:4.3.4
-
cpe:2.3:a:digia:qt:4.3.5
-
cpe:2.3:a:digia:qt:4.4.0
-
cpe:2.3:a:digia:qt:4.4.1
-
cpe:2.3:a:digia:qt:4.4.2
-
cpe:2.3:a:digia:qt:4.4.3
-
cpe:2.3:a:digia:qt:4.5.0
-
cpe:2.3:a:digia:qt:4.5.1
-
cpe:2.3:a:digia:qt:4.5.2
-
cpe:2.3:a:digia:qt:4.5.3
-
cpe:2.3:a:digia:qt:4.6.0
-
cpe:2.3:a:digia:qt:4.6.1
-
cpe:2.3:a:digia:qt:4.6.2
-
cpe:2.3:a:webkit:webkit:2.4.11