Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote attackers to (1) cause a denial of service (application hang) via vectors involving a chromehtml: URI value for the document.location property or (2) cause a denial of service (application hang and CPU consumption) via vectors involving a series of function calls that set a chromehtml: URI value for the document.location property.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Chrome | 0.2.149.27 | 0.2.149.27 | |
Chrome | 0.2.149.29 | 0.2.149.29 | |
Chrome | 0.2.149.30 | 0.2.149.30 | |
Chrome | 0.2.152.1 | 0.2.152.1 | |
Chrome | 0.2.153.1 | 0.2.153.1 | |
Chrome | 0.3.154.0 | 0.3.154.0 | |
Chrome | 0.3.154.3 | 0.3.154.3 | |
Chrome | 0.4.154.18 | 0.4.154.18 | |
Chrome | 0.4.154.22 | 0.4.154.22 | |
Chrome | 0.4.154.31 | 0.4.154.31 | |
Chrome | 0.4.154.33 | 0.4.154.33 | |
Chrome | 1.0.154.36 | 1.0.154.36 | |
Chrome | 1.0.154.39 | 1.0.154.39 | |
Chrome | 1.0.154.42 | 1.0.154.42 | |
Chrome | 1.0.154.43 | 1.0.154.43 | |
Chrome | 1.0.154.46 | 1.0.154.46 | |
Chrome | * | 1.0.154.48 | |
Chrome | 1.0.154.52 | 1.0.154.52 | |
Chrome | 1.0.154.53 | 1.0.154.53 | |
Chrome | 1.0.154.59 | 1.0.154.59 | |
Chrome | 1.0.154.65 | 1.0.154.65 |