CVE-2010-4494

Google Chrome < 8.0.552.215 - Double Free

Title source: rule

Description

Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

References (26)

[Third Party Advisory] http://secunia.com/advisories/42472

[Exploit, Issue Tracking, Patch, Vendor Advisory] http://code.google.com/p/chromium/issues/detail?id=63444

[Vendor Advisory] http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html

[Mailing List, Third Party Advisory] http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html

[Mailing List, Third Party Advisory] http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html

[Mailing List, Third Party Advisory] http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

[Mailing List, Third Party Advisory] http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

[Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html

[Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

[Third Party Advisory] http://marc.info/?l=bugtraq&m=139447903326211&w=2

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2013-0217.html

[Third Party Advisory] http://secunia.com/advisories/40775

[Third Party Advisory] http://secunia.com/advisories/42721

[Third Party Advisory] http://secunia.com/advisories/42762

[Third Party Advisory] http://support.apple.com/kb/HT4554

[Third Party Advisory] http://support.apple.com/kb/HT4564

[Broken Link] http://support.apple.com/kb/HT4566

[Third Party Advisory] http://support.apple.com/kb/HT4581

[Third Party Advisory] http://www.debian.org/security/2010/dsa-2137

[Third Party Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2010:260

... and 6 more

Scores

EPSS 0.0126

EPSS Percentile 79.2%

Classification

CWE

CWE-415

Status draft

Affected Products (19)

google/chrome < 8.0.552.215

xmlsoft/libxml2 < 2.7.8

apple/itunes < 10.2

apple/safari < 5.0.4

apple/iphone_os < 4.3.0

apple/mac_os_x < 10.6.7

opensuse/opensuse

opensuse/opensuse

suse/suse_linux_enterprise_server

fedoraproject/fedora

redhat/enterprise_linux_desktop

redhat/enterprise_linux_eus

redhat/enterprise_linux_server

redhat/enterprise_linux_workstation

debian/debian_linux

... and 4 more

Timeline

Published Dec 07, 2010

Tracked Since Feb 18, 2026