Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2010-0664

Stack consumption vulnerability in the ChildProcessSecurityPolicy::CanRequestURL function in browser/child_process_security_policy.cc in Google Chrome before 4.0.249.78 allows remote attackers to cause a denial of service (memory consumption and application crash) via a URL that specifies multiple protocols, as demonstrated by a URL that begins with many repetitions of the view-source: substring.

See the

CVE page on Mitre.org for more details.

References

MISC: http://exchange.kg/oth...
MISC: http://twitter.com/aki...
CONFIRM: http://code.google.com...
CONFIRM: http://googlechromerel...
CONFIRM: http://sites.google.co...
SECTRACK: 1023506
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2010-0664

Related bugs

References