[Secure-testing-commits] r15347 - data/CVE
Giuseppe Iuculano
iuculano at alioth.debian.org
Sun Sep 19 08:51:55 UTC 2010
Author: iuculano
Date: 2010-09-19 08:51:46 +0000 (Sun, 19 Sep 2010)
New Revision: 15347
Modified:
data/CVE/list
Log:
changeset for CVE-2010-1807
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-18 14:32:25 UTC (rev 15346)
+++ data/CVE/list 2010-09-19 08:51:46 UTC (rev 15347)
@@ -4225,7 +4225,8 @@
CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 does not ...)
- webkit <unfixed>
- chromium-browser <not-affected>
- NOTE: don't know the changeset, but the problem is that the standard-library strtod()
+ NOTE: http://trac.webkit.org/changeset/64706 https://bugs.webkit.org/show_bug.cgi?id=43461
+ NOTE: the problem is that the standard-library strtod()
NOTE: parses "NAN(payload)" as a NaN with a user-defined payload, which is bad for the nan-boxing
NOTE: scheme used by webkit (and mozilla). The fix is not to accept "NAN(payload)".
NOTE: test-case: -parseFloat("NAN(ffffeeeeeff0f)")
More information about the Secure-testing-commits
mailing list