Back to CVE Browser

CVE-2010-3113

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0730%

EPSS Percentile10.53th

PublishedAug 24, 2010

Last ModifiedApr 29, 2026

Vulnerability Description

Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonController.

Affected Platforms (CPE)

📦

Google

Chrome

< 5.0.375.127

📦

Webkitgtk

Webkitgtk

< 1.2.5

💻

Canonical

Ubuntu Linux

= 9.10

💻

Canonical

Ubuntu Linux

= 10.04

💻

Canonical

Ubuntu Linux

= 10.10

References & Advisories

🔗 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=628032

🔗 http://code.google.com/p/chromium/issues/detail?id=49596

🔗 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html

🔗 http://secunia.com/advisories/41856

🔗 http://secunia.com/advisories/43086

🔗 http://trac.webkit.org/changeset/63865

🔗 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039

🔗 http://www.redhat.com/support/errata/RHSA-2011-0177.html

Related Vulnerabilities

CVE-2004-076410.0

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "c...

CVE-2009-247110.0

The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers...

CVE-2021-3397010.0

Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate priveleges.

CVE-2009-266510.0

The nsDocument::SetScriptGlobalObject function in content/base/src/nsDocument.cpp in Mozilla Firefox 3.5.x before 3.5.2, when cert...