HTTP: Google Chrome Stale Pointer in Floats Rendering Memory Corruption

A vulnerability has been identified in Google Chrome. This vulnerability is due to the use of a stale pointer in rendering floats. A remote attacker may exploit this vulnerability by enticing a target user to view a malicious web page. Successful exploitation of this vulnerability could result in the execution of arbitrary code in the security context of the user. An unsuccessful attack may result in abnormal termination of the software.

Extended Description

Google Chrome is prone to a memory-corruption vulnerability because of a NULL-pointer-dereference error. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow attackers to execute arbitrary code in the context of the browser. Failed exploit attempts will result in a denial-of-service condition. Versions prior to Chrome 11.0.696.71 are vulnerable.

Affected Products

Google Chrome

References

BugTraq: 47965

CVE: CVE-2011-1804

Short Name: HTTP:STC:CHROME:STALE-PTR

Severity: Major

Recommended: False

Recommended Action: Drop

Category: HTTP

Keywords: CVE-2011-1804 Chrome Corruption Floats Google Memory Pointer Rendering Stale bid:47965 in

Release Date: 06/01/2011

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3336

False Positive: Unknown

Vendors

Srware

Google

CVSS Score

7.5
