Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:12647
HistoryNov 16, 2009 - 12:00 a.m.

Google Chrome web帧重新定向拒绝服务漏洞

2009-11-1600:00:00
Root
www.seebug.org
15

0.012 Low

EPSS

Percentile

85.5%

JSON

CVE ID: CVE-2009-3934

Google Chrome是Google发布的开源WEB浏览器。

Chrome的src/webkit/glue/webframeloaderclient_impl.cc文件中的WebFrameLoaderClient::dispatchDidChangeLocationWithinPage函数没有正确地处理Web帧重新定向,恶意网页可以在WebDataSourceImpl::endOfRedirectChain()中触发以下ASSERT:

ASSERT(!m_redirectChain.isEmpty());

导致浏览器崩溃。

Google Chrome 3.0.195.32
厂商补丁:

Google

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://src.chromium.org/viewvc/chrome?view=rev&revision=30496

Related

cvelist 1
nvd 1
debiancve 1
cve 1
prion 1
openvas 2
nessus 2
cvelist
cvelist
CVE-2009-3934
2009-11-12 16:00:00
nvd
nvd
CVE-2009-3934
2009-11-12 17:54:58
debiancve
debiancve
CVE-2009-3934
2009-11-12 17:54:00
cve
cve
CVE-2009-3934
2009-11-12 17:54:58
prion
prion
Open redirect
2009-11-12 17:54:00
openvas
openvas
Google Chrome Multiple Vulnerabilities - Nov09
2009-11-17 00:00:00
Google Chrome Multiple Vulnerabilities (Nov 2009)
2009-11-17 00:00:00
nessus
nessus
openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)
2014-06-13 00:00:00
openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)
2011-05-05 00:00:00

0.012 Low

EPSS

Percentile

85.5%

JSON
Related for SSV:12647
cvelist1nvd1debiancve1cve1prion1openvas2nessus2