Vulnerabilities > CVE-2010-2120 - Resource Management Errors vulnerability in Google Chrome 1.0.154.48

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL

Summary

Google Chrome 1.0.154.48 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.

Vulnerable Configurations

Part Description Count
Application
Google
1

Common Weakness Enumeration (CWE)

Oval

accepted2013-08-12T04:00:44.549-04:00
classvulnerability
contributors
  • nameBhavya K
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
definition_extensions
commentGoogle Chrome is installed
ovaloval:org.mitre.oval:def:11914
descriptionGoogle Chrome 1.0.154.48 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.
familywindows
idoval:org.mitre.oval:def:11966
statusaccepted
submitted2010-08-02T17:16:08
titleDenial of service in Google Chrome 1.0.154.48 via JavaScript code containing an infinite loop
version50