CVE-2008-6995

Severity CVSS v4.0:
Pending analysis
Type:
CWE-189 Numeric Errors
Publication date:
19/08/2009
Last modified:
09/04/2025

Description

Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote attackers to cause a denial of service (browser crash) via a URI with an invalid handler followed by a "%" (percent) character, which triggers a buffer over-read, as demonstrated using an "about:%" URI.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*