Vulnerabilities > CVE-2010-1229 - Resource Management Errors vulnerability in Google Chrome
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The sandbox infrastructure in Google Chrome before 4.1.249.1036 does not properly use pointers, which has unspecified impact and attack vectors.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | Windows |
NASL id | GOOGLE_CHROME_4_1_249_1036.NASL |
description | The version of Google Chrome installed on the remote host is prior to 4.1.249.1036. It is, therefore, affected by multiple vulnerabilities : - Multiple race conditions and pointer errors in the sandbox infrastructure. (Issue #28804, #31880) - An error relating to persisted metadata such as Web Databases and STS. (Issue #20801, #33445) - HTTP headers are processed before the SafeBrowsing check. (Issue #33572) - A memory error with malformed SVG. (Issue #34978) - Multiple integer overflows in WebKit JavaScript objects. (Issue #35724) - The HTTP basic auth dialog truncates URLs. (Issue #36772) - It is possible to bypass the download warning dialog. (Issue #37007) - An unspecified cross-origin bypass vulnerability. (Issue #37383) - A memory error relating to empty SVG elements. Note that this only affects Chrome Beta versions. (Issue #37061) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 45086 |
published | 2010-03-18 |
reporter | This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/45086 |
title | Google Chrome < 4.1.249.1036 Multiple Vulnerabilities |
code |
|
Oval
accepted | 2014-04-07T04:00:57.712-04:00 | ||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||
description | The sandbox infrastructure in Google Chrome before 4.1.249.1036 does not properly use pointers, which has unspecified impact and attack vectors. | ||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:14220 | ||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||
submitted | 2011-11-25T18:06:11.000-05:00 | ||||||||||||||||||||||||||||
title | The sandbox infrastructure in Google Chrome before 4.1.249.1036 does not properly use pointers, which has unspecified impact and attack vectors. | ||||||||||||||||||||||||||||
version | 52 |
References
- http://code.google.com/p/chromium/issues/detail?id=28804
- http://code.google.com/p/chromium/issues/detail?id=28804
- http://code.google.com/p/chromium/issues/detail?id=31880
- http://code.google.com/p/chromium/issues/detail?id=31880
- http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html
- http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14220
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14220