Описание
The Hook_Terminate function in chrome_frame/protocol_sink_wrap.cc in the Google Chrome Frame plugin before 26.0.1410.28 for Internet Explorer does not properly handle attach tab requests, which allows user-assisted remote attackers to cause a denial of service (application crash) via an _blank value for the target attribute of an A element.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 26.0.1410.27 (включая)
Одно из
cpe:2.3:a:google:chrome_frame:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome_frame:15.0.874.121:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome_frame:16.0.912.63:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.0083
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
The Hook_Terminate function in chrome_frame/protocol_sink_wrap.cc in the Google Chrome Frame plugin before 26.0.1410.28 for Internet Explorer does not properly handle attach tab requests, which allows user-assisted remote attackers to cause a denial of service (application crash) via an _blank value for the target attribute of an A element.
EPSS
Процентиль: 74%
0.0083
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-119