CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
77.3%
The WebSockets implementation in Google Chrome before 6.0.472.53 does not
properly handle integer values, which allows remote attackers to cause a
denial of service or possibly have unspecified other impact via unknown
vectors.
Author | Note |
---|---|
jdstrand | webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit. |
mdeslaur | webkitkde is a wrapper around qt4-x11’s webkit. looks chromium specific |
micahg | Debian has a patch (in 1.2.6-1) for this, so we’ll take it too |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | chromium-browser | < 3.0.1271.97-0ubuntu0.10.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | chromium-browser | < 3.0.1271.97-0ubuntu0.11.10.1 | UNKNOWN |
ubuntu | 12.04 | noarch | chromium-browser | < 3.0.1271.97-0ubuntu0.12.04.1 | UNKNOWN |
ubuntu | 12.10 | noarch | chromium-browser | < 3.0.1271.97-0ubuntu0.12.10.1 | UNKNOWN |
ubuntu | 10.04 | noarch | webkit | < 1.2.7-0ubuntu0.10.04.1 | UNKNOWN |
ubuntu | 10.10 | noarch | webkit | < 1.2.7-0ubuntu0.10.10.1 | UNKNOWN |