Vulnerabilities > CVE-2010-4486 - Resource Management Errors vulnerability in Google Chrome
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to history handling.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
| NASL family | Windows |
| NASL id | GOOGLE_CHROME_8_0_552_215.NASL |
| description | The version of Google Chrome installed on the remote host is earlier than 8.0.552.215. Such versions are reportedly affected by multiple vulnerabilities : - It may be possible to bypass the pop-up blocker. (Issue #17655) - A cross-origin video theft vulnerability exists related to canvas. (Issue #55745) - An unspecified crash exists when handling HTML5 databases. (Issue #56237) - Excessive file dialogs could lead to a browser crash. (Issue #58329) - A use after free error exists in history handling. (Issue #59554) - It may be possible to crash the browser when performing http proxy authentication. (Issue #61701) - An out-of-bounds read regression exists in the WebM video support. (Issue #61701) - It may be possible to crash the browser due to bad indexing with malformed video. (Issue #62127) - A memory corruption issue exists relating to malicious privileged extension. (Issue #62168) - A use-after-free error exists in the handling of SVG animations. (Issue #62401) - A use-after-free error exists in the mouse dragging event handling. (Issue #63051) - A double free error exists in XPath handling. (Issue #63444) |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 50977 |
| published | 2010-12-03 |
| reporter | This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/50977 |
| title | Google Chrome < 8.0.552.215 Multiple Vulnerabilities |
Oval
| accepted | 2013-08-12T04:00:19.931-04:00 | ||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||
| description | Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to history handling. | ||||||||||||||||||||||||
| family | windows | ||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:11630 | ||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||
| submitted | 2010-12-13T12:01:17 | ||||||||||||||||||||||||
| title | Use-after-free vulnerability in Google Chrome before 8.0.552.215 via vectors related to history handling | ||||||||||||||||||||||||
| version | 52 |