CVE-2009-2974 — Vulnetix

Try Vulnetix Request Demo

CVE-2009-2974 PUBLISHED CVSS 5 MEDIUM

Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote attackers to (1) cause a denial of service (application hang) via vectors involving a chromehtml: URI value for the document.location property or (2) cause a denial of service (application hang and CPU consumption) via vectors involving a series of function calls that set a chromehtml: URI value for the document.location property.

EPSS 0.54% · 67.6th percentile

Risk Scores

CVSS v2.0

5

EPSS Score

0.54%

67.6th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
google	chrome	0, 0.2.149.27, 0.2.149.29

Timeline

Aug 27, 2009 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

20090823 DoS vulnerability in Google Chrome mailing-list
20090825 Re: DoS vulnerability in Google Chrome mailing-list
http://websecurity.com.ua/3435/ url
https://nvd.nist.gov/vuln/detail/CVE-2009-2974 advisory
http://websecurity.com.ua/3435 url

Open in Interactive Console →