CVE-2010-4576

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
22/12/2010
Last modified:
11/04/2025

Description

browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:* 8.0.552.343 (excluding)
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* 8.0.552.224 (excluding)