Google Chrome before 7.0.517.44 does not properly perform a cast of an unspecified variable during processing of an SVG use element, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SVG document.
References
Link | Resource |
---|---|
http://code.google.com/p/chromium/issues/detail?id=58657 | Exploit Issue Tracking Mailing List Vendor Advisory |
http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html | Release Notes Vendor Advisory |
http://secunia.com/advisories/42109 | Broken Link |
http://www.debian.org/security/2011/dsa-2188 | Third Party Advisory |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11429 | Third Party Advisory |
Information
Published : 2010-11-05 17:00
Updated : 2020-07-31 10:54
NVD link : CVE-2010-4199
Mitre link : CVE-2010-4199
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
debian
- debian_linux
- chrome