CVE-2010-4041

EUVD-2010-4017
The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
Affected Products (NVD)
VendorProductVersion
googlechrome
𝑥
< 7.0.517.41
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
dapper
dne
hardy
dne
jaunty
dne
karmic
dne
lucid
Fixed 7.0.517.41~r62167-0ubuntu0.10.04.1
released
maverick
Fixed 7.0.517.41~r62167-0ubuntu0.10.10.1
released
References
http://code.google.com/p/chromium/issues/detail?id=54794
http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html
http://secunia.com/advisories/41888
http://www.securityfocus.com/bid/44241
http://www.vupen.com/english/advisories/2010/2731
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14201
http://code.google.com/p/chromium/issues/detail?id=54794
http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html
http://secunia.com/advisories/41888
http://www.securityfocus.com/bid/44241
http://www.vupen.com/english/advisories/2010/2731
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14201