gsd-2009-3933
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
WebKit before r50173, as used in Google Chrome before 3.0.195.32, allows remote attackers to cause a denial of service (CPU consumption) via a web page that calls the JavaScript setInterval method, which triggers an incompatibility between the WTF::currentTime and base::Time functions.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2009-3933", "description": "WebKit before r50173, as used in Google Chrome before 3.0.195.32, allows remote attackers to cause a denial of service (CPU consumption) via a web page that calls the JavaScript setInterval method, which triggers an incompatibility between the WTF::currentTime and base::Time functions.", "id": "GSD-2009-3933", "references": [ "https://www.suse.com/security/cve/CVE-2009-3933.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2009-3933" ], "details": "WebKit before r50173, as used in Google Chrome before 3.0.195.32, allows remote attackers to cause a denial of service (CPU consumption) via a web page that calls the JavaScript setInterval method, which triggers an incompatibility between the WTF::currentTime and base::Time functions.", "id": "GSD-2009-3933", "modified": "2023-12-13T01:19:49.948555Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-3933", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "WebKit before r50173, as used in Google Chrome before 3.0.195.32, allows remote attackers to cause a denial of service (CPU consumption) via a web page that calls the JavaScript setInterval method, which triggers an incompatibility between the WTF::currentTime and base::Time functions." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "43068", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43068" }, { "name": "http://googlechromereleases.blogspot.com/2009/11/stable-channel-update.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2009/11/stable-channel-update.html" }, { "name": "ADV-2011-0212", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "name": "http://trac.webkit.org/changeset/50173", "refsource": "CONFIRM", "url": "http://trac.webkit.org/changeset/50173" }, { "name": "https://bugs.webkit.org/show_bug.cgi?id=30833", "refsource": "CONFIRM", "url": "https://bugs.webkit.org/show_bug.cgi?id=30833" }, { "name": "http://codereview.chromium.org/339039", "refsource": "CONFIRM", "url": "http://codereview.chromium.org/339039" }, { "name": "googlechrome-webkit-dos(54297)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54297" }, { "name": "http://code.google.com/p/chromium/issues/detail?id=25892", "refsource": "CONFIRM", "url": "http://code.google.com/p/chromium/issues/detail?id=25892" }, { "name": "SUSE-SR:2011:002", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "name": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=30311", "refsource": "CONFIRM", "url": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=30311" }, { "name": "http://src.chromium.org/viewvc/chrome/branches/195/src/webkit/webkit.gyp?r1=30311\u0026r2=30310", "refsource": "CONFIRM", "url": "http://src.chromium.org/viewvc/chrome/branches/195/src/webkit/webkit.gyp?r1=30311\u0026r2=30310" }, { "name": "59745", "refsource": "OSVDB", "url": "http://www.osvdb.org/59745" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:webkit:webkit:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "r50173", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.157.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.65:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.172.38:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.169.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.172.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.172.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.172:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.48:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.157.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.158.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.159.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.172.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.172.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.0.195.24", "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.52:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.169.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.170.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.172.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.172.37:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:3.0.182.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:3.0.195.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.53:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.156.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.172.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:2.0.172.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:3.0.193.2:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:a:google:chrome:3.0.190.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-3933" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "WebKit before r50173, as used in Google Chrome before 3.0.195.32, allows remote attackers to cause a denial of service (CPU consumption) via a web page that calls the JavaScript setInterval method, which triggers an incompatibility between the WTF::currentTime and base::Time functions." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-399" } ] } ] }, "references": { "reference_data": [ { "name": "http://code.google.com/p/chromium/issues/detail?id=25892", "refsource": "CONFIRM", "tags": [], "url": "http://code.google.com/p/chromium/issues/detail?id=25892" }, { "name": "http://trac.webkit.org/changeset/50173", "refsource": "CONFIRM", "tags": [], "url": "http://trac.webkit.org/changeset/50173" }, { "name": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=30311", "refsource": "CONFIRM", "tags": [], "url": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=30311" }, { "name": "https://bugs.webkit.org/show_bug.cgi?id=30833", "refsource": "CONFIRM", "tags": [], "url": "https://bugs.webkit.org/show_bug.cgi?id=30833" }, { "name": "http://src.chromium.org/viewvc/chrome/branches/195/src/webkit/webkit.gyp?r1=30311\u0026r2=30310", "refsource": "CONFIRM", "tags": [], "url": "http://src.chromium.org/viewvc/chrome/branches/195/src/webkit/webkit.gyp?r1=30311\u0026r2=30310" }, { "name": "http://codereview.chromium.org/339039", "refsource": "CONFIRM", "tags": [ "Patch" ], "url": "http://codereview.chromium.org/339039" }, { "name": "http://googlechromereleases.blogspot.com/2009/11/stable-channel-update.html", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "http://googlechromereleases.blogspot.com/2009/11/stable-channel-update.html" }, { "name": "59745", "refsource": "OSVDB", "tags": [], "url": "http://www.osvdb.org/59745" }, { "name": "SUSE-SR:2011:002", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "name": "43068", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/43068" }, { "name": "ADV-2011-0212", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "name": "googlechrome-webkit-dos(54297)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54297" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false } }, "lastModifiedDate": "2017-08-17T01:31Z", "publishedDate": "2009-11-12T17:54Z" } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.