Bugzilla – Bug 655971
VUL-1: libwebkit: remote bypass of pop-up blocker
Last modified: 2011-01-06 22:57:29 UTC
There is a security bug in package 'libwebkit'.
This bug is public.
There is no coordinated release date (CRD) set.
More information can be found here:
CVE number: CVE-2010-4037
CVE description: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4037
CVSS v2 Base Score: 3.7 (moderate) (AV:L/AC:H/Au:N/C:P/I:P/A:P)
Insufficient Information (CWE-noinfo)
Vincent Danen 2010-11-24 17:02:20 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-4037 to
the following vulnerability:
Reference: CONFIRM: http://code.google.com/p/chromium/issues/detail?id=53002
Reference: URL: http://www.securityfocus.com/bid/44241
Reference: URL: http://secunia.com/advisories/41888
Reference: URL: http://www.vupen.com/english/advisories/2010/2731
Unspecified vulnerability in Google Chrome before 7.0.517.41 allows
remote attackers to bypass the pop-up blocker via unknown vectors.
It is unclear to me as of yet whether this does affect webkitgtk; the code
looks like it may be applicable but due to how Chrome handles things
differently, it is possible this is Chrome-specific. It needs further
P5->P3 mass change
This code does not seem to be in webkit-gtk 1.2.x, so the issue won't affect 11.3 and earlier.
The code is in Factory, but it already features a fixed version (the fix changed a bit later, so the changeset mentioned here is not really a good indicator; see http://trac.webkit.org/changeset/69924/trunk/WebCore/loader/NavigationScheduler.cpp).