CVE-2011-1798
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 does not properly perform a cast of an unspecified variable during an attempt to handle a block child, which allows remote attackers to cause a denial of service (application crash) or possibly have unknown other impact via a crafted text element in an SVG document.
rendering/svg/RenderSVGText.cpp en WebCore en WebKit en Google Chrome anterior a 11.0.696.65 no lleva a cabo correctamente una conversión de datos de una variable no especificada durante el intento de manejar el hijo de un bloqueo, esto permite a atacantes remotos provocar una denegación de servicio (bloqueo de la aplicación) o posiblemente tener otro impacto desconocido mediante elementos de texto manipulados en un documento SVG.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-04-20 CVE Reserved
- 2014-12-26 CVE Published
- 2023-11-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://crbug.com/79595 | X_refsource_confirm | |
http://launchpad.net/bugs/778822 | X_refsource_confirm | |
http://trac.webkit.org/changeset/84085 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | <= 11.0.696.64 Search vendor "Google" for product "Chrome" and version " <= 11.0.696.64" | - |
Affected
|