CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
81.2%
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the
Cascading Style Sheets (CSS) implementation in WebCore in WebKit before
r82222, as used in Google Chrome before 11.0.696.43 and other products,
does not properly handle access to the (1) counterIncrement and (2)
counterReset attributes of CSSStyleDeclaration data provided by a
getComputedStyle method call, which allows remote attackers to cause a
denial of service (NULL pointer dereference and application crash) via
crafted JavaScript code.
Author | Note |
---|---|
jdstrand | qt4-x11 unmaintained upstream (see README.webkit for details) |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | chromium-browser | < 14.0.835.202~r103287-0ubuntu0.10.04.2 | UNKNOWN |
ubuntu | 10.10 | noarch | chromium-browser | < 14.0.835.202~r103287-0ubuntu0.10.10.1 | UNKNOWN |
ubuntu | 11.04 | noarch | chromium-browser | < 14.0.835.202~r103287-0ubuntu0.11.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | chromium-browser | < 14.0.835.202~r103287-0ubuntu1 | UNKNOWN |