CVE-2011-0478Improper Input Validation in Google Chrome

CWE-20Improper Input Validation3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
1.9%
top 16.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google ChromeGoogle Chrome OS
Timeline
PublishedJan 14
Latest updateMay 13

Description

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDgoogle/chrome< 8.0.552.237
NVDgoogle/chrome_os< 8.0.552.344

🔴Vulnerability Details

2
GHSA
GHSA-346c-947r-hrg8: Google Chrome before 82022-05-13
CVEList
CVE-2011-0478: Google Chrome before 82011-01-14
CVE-2011-0478 — Improper Input Validation in Google | cvebase