CVE-2011-1691
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
15/04/2011
Last modified:
11/04/2025
Description
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | 11.0.696.43 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://code.google.com/p/chromium/issues/detail?id=77665
- http://googlechromereleases.blogspot.com/2011/04/beta-channel-update_12.html
- http://trac.webkit.org/changeset/82222
- https://bugs.webkit.org/show_bug.cgi?id=57266
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66818
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14365
- http://code.google.com/p/chromium/issues/detail?id=77665
- http://googlechromereleases.blogspot.com/2011/04/beta-channel-update_12.html
- http://trac.webkit.org/changeset/82222
- https://bugs.webkit.org/show_bug.cgi?id=57266
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66818
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14365