CVE-2010-0647: webkit: remote arbitrary code execution via malformed RUBY element

Severity: Critical

CVSS Score: 9.3

WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a <ruby>><table><rt> sequence.