Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
msvrMicrosoft Vulnerability ResearchMSVR11-001
HistoryApr 19, 2011 - 12:00 a.m.

Use-After-Free Object Lifetime Vulnerability in Chrome Could Allow Sandboxed Remote Code Execution

2011-04-1900:00:00
Microsoft Vulnerability Research
technet.microsoft.com
572

0.013 Low

EPSS

Percentile

86.1%

JSON

Executive Summary

Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google Chrome browser versions prior to 6.0.472.59. Microsoft engineers discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Google Inc. Google Inc. has remediated the vulnerability.

A sandboxed remote code execution vulnerability exists in the way that Google Chrome attempts to reference memory that has been freed. An attacker could exploit the vulnerability to cause the browser to become unresponsive and/or exit unexpectedly, allowing an attacker to run arbitrary code within the Google Chrome Sandbox. The Google Chrome Sandbox is read and write isolated from the local file system which limits an attacker.

Microsoft Vulnerability Research reported this issue to and coordinated with the Chromium Project and the Google Security Team to ensure remediation of this issue. This vulnerability has been assigned the entry, CVE-2010-1823, in the Common Vulnerabilities and Exposures list. For more information, including information about updates from Google, see Google Chrome Releases: Announcements and release notes for the Google Chrome browser.

Mitigating Factors

  • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker’s Web site.
  • Successful exploitation of this vulnerability does not allow for code to run outside of the Google Chrome Sandbox, which is read and write isolated from the local file system, although other attacks may be possible.
CPENameOperatorVersion
google chromele6.0.472.55

Related

cvelist 1
prion 2
nvd 2
debiancve 1
cve 2
ubuntucve 1
openvas 6
nessus 7
securityvulns 4
seebug 1
cvelist
cvelist
CVE-2010-1823
2010-09-24 18:00:00
prion
prion
Design/Logic Flaw
2010-09-24 19:00:00
Design/Logic Flaw
2010-09-16 21:00:00
nvd
nvd
CVE-2010-1823
2010-09-24 19:00:04
CVE-2010-3408
2010-09-16 21:00:02
debiancve
debiancve
CVE-2010-1823
2010-09-24 19:00:00
cve
cve
CVE-2010-1823
2010-09-24 19:00:04
CVE-2010-3408
2010-09-16 21:00:02
ubuntucve
ubuntucve
CVE-2010-1823
2010-09-24 00:00:00
openvas
openvas
Google Chrome multiple vulnerabilities Sep-10 (Windows)
2010-09-21 00:00:00
Google Chrome multiple vulnerabilities Sep-10 (Linux)
2010-09-21 00:00:00
Google Chrome Multiple Vulnerabilities (Sep 2010) - Linux
2010-09-21 00:00:00
nessus
nessus
Google Chrome < 6.0.472.59 Multiple Vulnerabilities
2010-09-15 00:00:00
Mac OS X : Apple Safari < 5.1 / 5.0.6
2011-07-21 00:00:00
Safari < 5.1 Multiple Vulnerabilities
2011-07-21 00:00:00
securityvulns
securityvulns
APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6
2011-07-22 00:00:00
WebKit / Apple Safari / Google Chrome multiple security vulnerabilities
2011-08-01 00:00:00
Apple iTunes multiple security vulnerabilities
2011-10-16 00:00:00
seebug
seebug
Apple iTunes多个安全漏洞
2011-10-13 00:00:00

0.013 Low

EPSS

Percentile

86.1%

JSON
Related for MSVR11-001
cvelist1prion2nvd2debiancve1cve2ubuntucve1openvas6nessus7securityvulns4seebug1