Google Chrome 1.0.154.48 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Chrome | 1.0.154.48 (including) | 1.0.154.48 (including) | |
| Chromium-browser | Ubuntu | devel | * |
| Chromium-browser | Ubuntu | lucid | * |
References
- http://websecurity.com.ua/4238/
- http://www.securityfocus.com/archive/1/511509/100/0/threaded
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11966
- http://websecurity.com.ua/4238/
- http://www.securityfocus.com/archive/1/511509/100/0/threaded
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11966