CVE-2011-0779

Published: Feb 4, 2011Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension.

Affected (3)

Products: Google: Chrome · Debian: Debian Linux

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Before 9.0.597.84

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 6.0
Debian Debian Linux	Version 7.0

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (12)

http://code.google.com/p/chromium/issues/detail?id=62791

Source: cve@mitre.org

ExploitIssue TrackingPatchVendor Advisory

http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/43782

Source: cve@mitre.org

Third Party Advisory

http://www.debian.org/security/2011/dsa-2192

Source: cve@mitre.org

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0671

Source: cve@mitre.org

Permissions Required

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14540

Source: cve@mitre.org

Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=62791