Google Chrome 'chromehtml: URI' Denial Of Service Vulnerability Network Vulnerability

Summary

This host is installed with Google Chrome and is prone to Denial of Service vulnerability.

Impact

Successful attacks could allows remote attackers to cause application hang and CPU consumption which may result in Denial of Service condition. Impact Level: Application

Solution

Upgrade to Google Chrome version 4.1.249.1064 or later. For updates refer to http://www.google.com/chrome

Insight

Error occurs when vectors involving a series of function calls that set a 'chromehtml:' URI value for the document.location property.

Affected

Google Chrome version 1.0.154.65 and prior on Windows.

References

http://archives.neohapsis.com/archives/bugtraq/2009-08/0217.html
http://archives.neohapsis.com/archives/bugtraq/2009-08/0236.html
http://websecurity.com.ua/3435/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2974
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Dopewars Server 'REQUESTJET' Message Remote Denial of Service Vulnerability
Apache Traffic Server HTTP Host Header Denial of Service Vulnerability
Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
Active Perl Denial of Service Vulnerability Feb 2014 (Windows)
ArGoSoft FTP Server XCWD Overflow

Take action and discover your vulnerabilities