CVE-2010-4041

9.8 CRITICAL

Published: October 21, 2010 Modified: April 29, 2026

Description

The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=54794

Source: cve@mitre.org

Issue Tracking Mailing List Patch Vendor Advisory

http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html

Source: cve@mitre.org

Release Notes Vendor Advisory

http://secunia.com/advisories/41888

Source: cve@mitre.org

Broken Link

http://www.securityfocus.com/bid/44241

Source: cve@mitre.org

Third Party Advisory VDB Entry

http://www.vupen.com/english/advisories/2010/2731

Source: cve@mitre.org

Not Applicable

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14201

Source: cve@mitre.org

Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=54794