CVE-2010-4042

moderate-risk
Published 2010-10-21

Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements."

Do I need to act?

~
1.9% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (3)

Affected Vendors

Opensuse Google

References (14)

Exploit http://code.google.com/p/chromium/issues/detail?id=56451
Release Notes http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
Broken Link http://secunia.com/advisories/41888
Third Party Advisory http://www.securityfocus.com/bid/44241
Not Applicable http://www.vupen.com/english/advisories/2010/2731
Third Party Advisory https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3...
Exploit http://code.google.com/p/chromium/issues/detail?id=56451
Release Notes http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
Broken Link http://secunia.com/advisories/41888
Third Party Advisory http://www.securityfocus.com/bid/44241
Not Applicable http://www.vupen.com/english/advisories/2010/2731
Third Party Advisory https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3...
46
/ 100
moderate-risk
Severity 32/34 · Critical
Exploitability 5/34 · Minimal
Exposure 9/34 · Low