CVE-2011-0474 — Google Chrome vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

2.2%

top 15.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome Google Chrome OS Debian Linux

Timeline

PublishedJan 14

Latest updateMay 13

Description

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDgoogle/chrome< 8.0.552.237

▶NVDgoogle/chrome_os< 8.0.552.344

Also affects: Debian Linux 6.0, 7.0

Patches

Patch: code.google.com ↗Patch: code.google.com ↗

🔴Vulnerability Details

GHSA

GHSA-28q6-2p45-6wjp: Google Chrome before 8↗2022-05-13

▶

CVEList

CVE-2011-0474: Google Chrome before 8↗2011-01-14

▶