Vulnerabilities > CVE-2010-1992 - Resource Management Errors vulnerability in Google Chrome 1.0.154.48

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
google
CWE-399
NVD
Published: 2010-05-20
Updated: 2018-10-10

Summary

Google Chrome 1.0.154.48 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.

Vulnerable Configurations

Part Description Count
Application
Google
1

Common Weakness Enumeration (CWE)

Oval

accepted2013-08-12T04:00:09.536-04:00
classvulnerability
contributors
  • nameBhavya K
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
definition_extensions
commentGoogle Chrome is installed
ovaloval:org.mitre.oval:def:11914
descriptionGoogle Chrome 1.0.154.48 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.
familywindows
idoval:org.mitre.oval:def:11363
statusaccepted
submitted2010-08-02T17:16:08
titleDenial of service in Google Chrome 1.0.154.48 via an HTML document with many IFRAME elements.
version50

References