CVE-2010-4039

Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impact and attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
VendorProductVersion
googlechrome
𝑥
< 7.0.517.41
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
maverick
Fixed 7.0.517.41~r62167-0ubuntu0.10.10.1
released
lucid
Fixed 7.0.517.41~r62167-0ubuntu0.10.04.1
released
karmic
dne
jaunty
dne
hardy
dne
dapper
dne
References
http://code.google.com/p/chromium/issues/detail?id=54132
http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html
http://secunia.com/advisories/41888
http://www.securityfocus.com/bid/44241
http://www.vupen.com/english/advisories/2010/2731
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14223
http://code.google.com/p/chromium/issues/detail?id=54132
http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html
http://secunia.com/advisories/41888
http://www.securityfocus.com/bid/44241
http://www.vupen.com/english/advisories/2010/2731
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14223