Description
net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Skylined · pythondosmultiple
https://www.exploit-db.com/exploits/40944
References (13)
Scores
EPSS
0.0688
EPSS Percentile
91.4%
Details
CWE
CWE-119
Status
published
Products (44)
google/chrome
31.0.1650.0
google/chrome
31.0.1650.2
google/chrome
31.0.1650.3
google/chrome
31.0.1650.4
google/chrome
31.0.1650.5
google/chrome
31.0.1650.6
google/chrome
31.0.1650.7
google/chrome
31.0.1650.8
google/chrome
31.0.1650.9
google/chrome
31.0.1650.10
... and 34 more
Published
Nov 13, 2013
Tracked Since
Feb 18, 2026