CVE Vulnerabilities

CVE-2008-6995

Published: Aug 19, 2009 | Modified: Sep 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote attackers to cause a denial of service (browser crash) via a URI with an invalid handler followed by a % (percent) character, which triggers a buffer over-read, as demonstrated using an about:% URI.

Affected Software

Name Vendor Start Version End Version
Chrome Google 0.2.149.27 0.2.149.27

References