5

CVE-2011-1186

Exploit
Google Chrome before 10.0.648.127 on Linux does not properly handle parallel execution of calls to the print method, which might allow remote attackers to cause a denial of service (application crash) via crafted JavaScript code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 10.0.648.127
   LinuxLinux Kernel Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.69% 0.839
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html
Vendor Advisory
http://www.securityfocus.com/bid/46785
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2011/0628
Permissions Required
http://code.google.com/p/chromium/issues/detail?id=66962
Patch
Vendor Advisory
Exploit
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/65950
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14255
Third Party Advisory