Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2011-1691

The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code.

Published

2011-04-15T00:55:02.287

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-476

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	google	chrome	< 11.0.696.43	Yes

References

http://code.google.com/p/chromium/issues/detail?id=77665 Exploit, Issue Tracking, Patch, Vendor Advisory ([email protected])
http://googlechromereleases.blogspot.com/2011/04/beta-channel-update_12.html Vendor Advisory ([email protected])
http://trac.webkit.org/changeset/82222 Patch ([email protected])
https://bugs.webkit.org/show_bug.cgi?id=57266 Exploit, Issue Tracking, Patch, Third Party Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/66818 Third Party Advisory, VDB Entry ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14365 Third Party Advisory ([email protected])
http://code.google.com/p/chromium/issues/detail?id=77665 Exploit, Issue Tracking, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://googlechromereleases.blogspot.com/2011/04/beta-channel-update_12.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://trac.webkit.org/changeset/82222 Patch (af854a3a-2127-422b-91ae-364da2661108)
https://bugs.webkit.org/show_bug.cgi?id=57266 Exploit, Issue Tracking, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66818 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14365 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)