9.8

CVE-2010-4041

The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 7.0.517.41
   LinuxLinux Kernel Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.76% 0.751
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html
Vendor Advisory
Release Notes
http://secunia.com/advisories/41888
Broken Link
http://www.securityfocus.com/bid/44241
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2010/2731
Not Applicable
http://code.google.com/p/chromium/issues/detail?id=54794
Patch
Vendor Advisory
Mailing List
Issue Tracking
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14201
Third Party Advisory