Mandriva Linux Security Advisory 2011-039 - Multiple cross-site scripting, denial of service and arbitrary code execution security flaws were discovered in webkit. The updated packages have been upgraded to the latest version to correct these issues.
9aa3acee10ae2e83e96128d82e5f1409071587392804e700307a97e3ba876551
Zero Day Initiative Advisory 10-029 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the WebCore's HTMLObjectElement::renderFallBackContent() method. By rewriting an HTML element via the document's innerHTML() method a memory corruption occurs resulting from a call-after-free. This can be leveraged to execute arbitrary code under the context of the current user.
96ac047753aa8b572260a0c5d67b5b0fbef2fd3f84eeab18e24c2bba4a0d4823