CVE-2010-4042

Published: Oct 21, 2010Modified: Apr 29, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements."

Affected (3)

Products: Google: Chrome · Opensuse: Opensuse

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Before 7.0.517.41

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 11.2
Opensuse Opensuse	Version 11.3

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (14)

http://code.google.com/p/chromium/issues/detail?id=56451

Source: cve@mitre.org

ExploitIssue TrackingMailing ListVendor Advisory

http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html

Source: cve@mitre.org

Release NotesVendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://secunia.com/advisories/41888

Source: cve@mitre.org

Broken Link

http://www.securityfocus.com/bid/44241

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.vupen.com/english/advisories/2010/2731

Source: cve@mitre.org

Not Applicable

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6654

Source: cve@mitre.org

Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=56451