Lucene search

[email protected]CVE-2010-4575

HistoryDec 22, 2010 - 1:00 a.m.

CVE-2010-4575

2010-12-2201:00:03

CWE-20

[email protected]

web.nvd.nist.gov

cve-2010-4575

google chrome

denial of service

remote attackers

nvd

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.6%

JSON

The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/theme_installed_infobar_delegate.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle incorrect tab interaction by an extension, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted extension.

Affected configurations

NVD

Node

googlechrome_osRange<8.0.552.343

Node

googlechromeRange<8.0.552.224

CPENameOperatorVersion
google:chrome_osgoogle chrome oslt8.0.552.343

CPE	Name	Operator	Version
google:chrome_os	google chrome os	lt	8.0.552.343

References

code.google.com/p/chromium/issues/detail?id=60761

googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html

secunia.com/advisories/42648

src.chromium.org/viewvc/chrome?view=rev&revision=68112

www.gentoo.org/security/en/glsa/glsa-201012-01.xml

www.securityfocus.com/bid/45390

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14427

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.6%

JSON

Related for CVE-2010-4575

cvelist1 ubuntucve1 nvd1 debiancve1 prion1 openvas6 nessus1