CVE-2011-1798

Published: Dec 26, 2014Modified: May 6, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 does not properly perform a cast of an unspecified variable during an attempt to handle a block child, which allows remote attackers to cause a denial of service (application crash) or possibly have unknown other impact via a crafted text element in an SVG document.

Affected (1)

Products: Google: Chrome

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Up to 11.0.696.64

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

http://crbug.com/79595

Source: chrome-cve-admin@google.com

http://launchpad.net/bugs/778822

Source: chrome-cve-admin@google.com

http://trac.webkit.org/changeset/84085

Source: chrome-cve-admin@google.com

http://crbug.com/79595

Source: af854a3a-2127-422b-91ae-364da2661108

http://launchpad.net/bugs/778822

Source: af854a3a-2127-422b-91ae-364da2661108

http://trac.webkit.org/changeset/84085

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.