CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
81.2%
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code.
code.google.com/p/chromium/issues/detail?id=77665
googlechromereleases.blogspot.com/2011/04/beta-channel-update_12.html
trac.webkit.org/changeset/82222
bugs.webkit.org/show_bug.cgi?id=57266
exchange.xforce.ibmcloud.com/vulnerabilities/66818
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14365