CVE-2010-2297

Published: Jun 15, 2010Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table.

Affected (7)

Products: Google: Chrome · Opensuse: Opensuse · Suse: Suse Linux Enterprise Desktop, Suse Linux Enterprise Server

1 product

1 product

2 products

Suse Linux Enterprise Desktop

Suse Linux Enterprise Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Before 5.0.375.70

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 11.2
Opensuse Opensuse	Version 11.3
Suse Suse Linux Enterprise Desktop	Version 10 sp3
Suse Suse Linux Enterprise Desktop	Version 11 sp1
Suse Suse Linux Enterprise Server	Version 10 sp3
Suse Suse Linux Enterprise Server	Version 11 sp1

Related CWEs

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (14)

http://code.google.com/p/chromium/issues/detail?id=42723

Source: cve@mitre.org

Vendor Advisory

http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html

Source: cve@mitre.org

Vendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://secunia.com/advisories/40072

Source: cve@mitre.org

Third Party AdvisoryVendor Advisory

http://secunia.com/advisories/43068

Source: cve@mitre.org

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0212

Source: cve@mitre.org

Permissions Required

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11434

Source: cve@mitre.org

Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=42723

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://secunia.com/advisories/40072

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVendor Advisory

http://secunia.com/advisories/43068

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0212

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11434

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.