CVE Vulnerabilities

CVE-2010-4041

Published: Oct 21, 2010 | Modified: Jul 31, 2020
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
HIGH

The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Chrome Google * 7.0.517.41 (excluding)
Chromium-browser Ubuntu devel *
Chromium-browser Ubuntu lucid *
Chromium-browser Ubuntu maverick *
Chromium-browser Ubuntu upstream *

References