Author: iuculano Date: 2010-09-19 08:51:46 +0000 (Sun, 19 Sep 2010) New Revision: 15347 Modified: data/CVE/list Log: changeset for CVE-2010-1807 Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-09-18 14:32:25 UTC (rev 15346) +++ data/CVE/list 2010-09-19 08:51:46 UTC (rev 15347) @@ -4225,7 +4225,8 @@ CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 does not ...) - webkit <unfixed> - chromium-browser <not-affected> - NOTE: don''t know the changeset, but the problem is that the standard-library strtod() + NOTE: http://trac.webkit.org/changeset/64706 https://bugs.webkit.org/show_bug.cgi?id=43461 + NOTE: the problem is that the standard-library strtod() NOTE: parses "NAN(payload)" as a NaN with a user-defined payload, which is bad for the nan-boxing NOTE: scheme used by webkit (and mozilla). The fix is not to accept "NAN(payload)". NOTE: test-case: -parseFloat("NAN(ffffeeeeeff0f)")
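Review bot: The first added NOTE line carries both the changeset URL and the bug URL on a single line; putting each on its own line (`NOTE: http://trac.webkit.org/changeset/64706`, then `NOTE: https://bugs.webkit.org/show_bug.cgi?id=43461`) would keep each reference easy to grep and match the one-fact-per-line shape of the NOTE lines that follow. The `- webkit <unfixed>` line remains as unchanged context, so the entry will need a follow-up edit once a package version containing that changeset is known.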