CVE-2011-0779Improper Input Validation in Google Chrome

CWE-20Improper Input Validation2 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
1.5%
top 18.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google ChromeDebian Linux
Timeline
PublishedFeb 4
Latest updateMay 13

Description

Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDgoogle/chrome< 9.0.597.84

Also affects: Debian Linux 6.0, 7.0

Patches

Patch: code.google.comPatch: code.google.com

🔴Vulnerability Details

1
GHSA
GHSA-h26m-9jg2-c7gm: Google Chrome before 92022-05-13
CVE-2011-0779 — Improper Input Validation in Google | cvebase