Vulnerabilities > CVE-2010-2120 - Resource Management Errors vulnerability in Google Chrome 1.0.154.48

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

google

CWE-399

NVD

Published: 2010-06-01

Updated: 2018-10-10

Summary

Google Chrome 1.0.154.48 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.

Vulnerable Configurations

Part	Description	Count
Application	Google Google Chrome 1.0.154.48	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Oval

accepted

2013-08-12T04:00:44.549-04:00

class

vulnerability

contributors

name Bhavya K
organization SecPod Technologies
name Shane Shaffer
organization G2, Inc.
name Shane Shaffer
organization G2, Inc.
name Shane Shaffer
organization G2, Inc.
name Shane Shaffer
organization G2, Inc.
name Maria Kedovskaya
organization ALTX-SOFT

definition_extensions

comment	Google Chrome is installed
oval	oval:org.mitre.oval:def:11914

description

family

windows

oval:org.mitre.oval:def:11966

status

accepted

submitted

2010-08-02T17:16:08

title

Denial of service in Google Chrome 1.0.154.48 via JavaScript code containing an infinite loop

version

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Oval

References