Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service (UI disruption) by constructing a crafted HTML document containing JavaScript code with requestFullScreen and requestPointerLock calls, and arranging for the user to access this document with a file: URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google Chrome 拒绝服务漏洞
Vulnerability Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。 Google Chrome 42.0.2311.90之前版本中存在安全漏洞,该漏洞源于程序处理CONTENT_SETTINGS_TYPE_FULLSCREEN和CONTENT_SETTINGS_TYPE_MOUSELOCK变更时没有提示用户。远程攻击者可通过构造特制的HTML文档,并诱使用户使用file: URL访问该文档利用该漏洞造成拒绝服务(UI中断)。
CVSS Information
N/A
Vulnerability Type
N/A