Google Chrome 'Webkit' CSS Implementation DoS Vulnerability (Linux) Network Vulnerability

Summary

The host is install with Google Chrome and is prone to denial of service vulnerability.

Impact

Successful exploitation could allow the attackers to cause denial-of-service via crafted JavaScript code. Impact Level: Application

Solution

Upgrade to the Google Chrome 11.0.696.43 or later, For updates refer to http://www.google.com/chrome

Insight

The flaw is due to error in 'counterToCSSValue()' function in 'CSSComputedStyleDeclaration.cpp' in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit, does not properly handle access to the 'counterIncrement', 'counterReset' attributes of CSSStyleDeclaration data provided by a getComputedStyle method call.

Affected

Google Chrome version prior to 11.0.696.43

References

http://code.google.com/p/chromium/issues/detail?id=77665
http://googlechromereleases.blogspot.com/2011/04/beta-channel-update_12.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1691
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability
COWON Media Center JetAudio .wav File Denial Of Service Vulnerability
Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Win
F-PROT Antivirus Multiple Vulnerabilities
chm2pdf Insecure Temporary File Creation or DoS Vulnerability

Take action and discover your vulnerabilities