CVE-2011-1691 in Chromeinfo

Zusammenfassung

von MITRE

The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

14.04.2011

Veröffentlichung

14.04.2011

Moderieren

akzeptiert

Eintrag

VDB-57125

CPE

bereit

CWE

CWE-476 (bestätigt)

CVSS

5.0 (NVD)

EPSS

0.01582

KEV

nein

Aktivitäten

very low

Sektor

Police, Industry, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-1691
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1691
CVE Details	https://www.cvedetails.com/cve/CVE-2011-1691/

◂ Zurück Übersicht Weiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!