CVE-2009-2955

Google Chrome <= 1.0.154.48 - Denial of Service via Long Location Hash String

Title source: llm
STIX 2.1

Description

Google Chrome 1.0.154.48 and earlier allows remote attackers to cause a denial of service (CPU consumption and application hang) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.

References (2)

Core 2
Core References
Various Sources x_refsource_misc
http://websecurity.com.ua/3424/
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/506006/100/0/threaded

Scores

EPSS 0.0082
EPSS Percentile 52.9%

Details

CWE
CWE-20
Status published
Products (17)
google/chrome 0.2.149.27
google/chrome 0.2.149.29
google/chrome 0.2.149.30
google/chrome 0.2.152.1
google/chrome 0.2.153.1
google/chrome 0.3.154.0
google/chrome 0.3.154.3
google/chrome 0.4.154.18
google/chrome 0.4.154.22
google/chrome 0.4.154.31
... and 7 more
Published Aug 24, 2009
Tracked Since Feb 18, 2026