Vulnerability Description
Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a different web site.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | <= 4.0.249.78 |
Related Weaknesses (CWE)
References
- http://code.google.com/p/chromium/issues/detail?id=12523
- http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.htmlPatchVendor Advisory
- http://secunia.com/secunia_research/2009-65/Vendor Advisory
- http://securitytracker.com/id?1023506
- http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-securVendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://code.google.com/p/chromium/issues/detail?id=12523
- http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.htmlPatchVendor Advisory
- http://secunia.com/secunia_research/2009-65/Vendor Advisory
- http://securitytracker.com/id?1023506
- http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-securVendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2010-0655?
CVE-2010-0655 is a vulnerability with a CVSS score of 9.3 (HIGH). Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors in...
How severe is CVE-2010-0655?
CVE-2010-0655 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0655?
Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome.