Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2010-1766

EPSS 2.32% · P85
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-1766

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an upgrade header that is long and invalid.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
WebKit WebCore‘websockets/WebSocketHandshake.cpp’函数数字错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
WebKit是KDE、苹果(Apple)、谷歌(Google)等公司共同开发的一套开源Web浏览器引擎,目前被Apple Safari及Google Chrome等浏览器使用。 使用在Qt和其他产品中的WebKit r56380之前版本中WebCore的WebSocketHandshake::readServerHandsh,也称为websockets/WebSocketHandshake.cpp的函数存在单字节溢出错误。远程websockets服务器可以借助长且无效的升级报头导致服务拒绝(内存损坏)或者
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2010-1766

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2010-1766

Please Login to view more intelligence information

Same Patch Batch · n/a · 2010-07-22 · 34 CVEs total

CVE-2009-4950TYPO3 A21glossary Advanced Output SQL注入漏洞
CVE-2009-4944Atutor ATRC ACollab多个跨站脚本攻击漏洞
CVE-2009-4945Atutor AdPeeps 'index.php'信任管理漏洞
CVE-2010-2568Microsoft Windows多个产品快捷方式LNK文件自动执行文件漏洞
CVE-2010-2772Siemens Simatic WinCC和PCS 7 SCADA系统硬编码密码权限许可和访问控制漏洞
CVE-2009-4946Thetricky Messaging 'controller'参数本地文件包含漏洞
CVE-2009-4947Q2 Solutions ConnX 'frmLoginPwdReminderPopup.aspx' SQL注入漏洞
CVE-2009-4948TYPO3 Store Locator跨站脚本攻击漏洞
CVE-2009-4949TYPO3 Store Locator SQL注入漏洞
CVE-2009-4943Impactsoftcompany AdPeeps 'index.php'多个信息泄露漏洞
CVE-2009-4951TYPO3 ClickStream Analyzer未明信息泄露漏洞
CVE-2009-4952TYPO3 Directory Listing目录遍历漏洞
CVE-2009-4953TYPO3 Userdata Create/Edit跨站脚本攻击漏洞
CVE-2009-4954TYPO3 Versatile Calendar Extension SQL注入漏洞
CVE-2009-4955TYPO3 ultraCards SQL注入漏洞
CVE-2009-4956TYPO3 Visitor Tracking跨站脚本攻击漏洞
CVE-2009-4957Interspire ActiveKB 'Panel'参数本地文件包含漏洞
CVE-2009-4897Artifex Ghostscript 'iscan.c' PDF文件解析缓冲区溢出漏洞
CVE-2009-4942Atutor ACollab 跨站请求伪造漏洞
CVE-2009-4941Atutor ATRC ACollab 'sign_in.php'多个跨站脚本漏洞

Showing top 20 of 34 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2010-1766

No comments yet

Leave a comment