Lucene search

MitreCVE-2011-0473

HistoryJan 14, 2011 - 5:00 p.m.

CVE-2011-0473

2011-01-1417:00:02

mitre

web.nvd.nist.gov

cve-2011-0473

google chrome

chrome os

css

denial of service

stale pointer

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

0.022

Percentile

89.4%

JSON

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with CANVAS elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a “stale pointer.”

Affected configurations

Nvd

Node

googlechrome_osRange<8.0.552.344

Node

googlechromeRange<8.0.552.237

VendorProductVersionCPE
googlechrome_os*cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	chrome_os	*	cpe:2.3:o:google:chrome_os::::::::
google	chrome	*	cpe:2.3:a:google:chrome::::::::

References

code.google.com/p/chromium/issues/detail?id=66560

googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html

osvdb.org/70456

secunia.com/advisories/42951

www.securityfocus.com/bid/45788

www.srware.net/forum/viewtopic.php?f=18&t=2054

exchange.xforce.ibmcloud.com/vulnerabilities/64664

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14460

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

0.022

Percentile

89.4%

JSON

Related for CVE-2011-0473