Required CVE Record Information
Description
The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application exit) by canceling a stream.
References 5 Total
- exchange.xforce.ibmcloud.com: google-chrome-spdy-dos(66195) vdb-entry
- http://src.chromium.org/viewvc/chrome/trunk/src/net/http/http_network_transaction.cc?r1=77893&r2=77892&pathrev=77893
- oval.cisecurity.org: oval:org.mitre.oval:def:14564 vdb-entrysignature
- http://code.google.com/p/chromium/issues/detail?id=75657
- http://googlechromereleases.blogspot.com/2011/03/dev-channel-update_17.html
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- exchange.xforce.ibmcloud.com: google-chrome-spdy-dos(66195) vdb-entryx_transferred
- http://src.chromium.org/viewvc/chrome/trunk/src/net/http/http_network_transaction.cc?r1=77893&r2=77892&pathrev=77893 x_transferred
- oval.cisecurity.org: oval:org.mitre.oval:def:14564 vdb-entrysignaturex_transferred
- http://code.google.com/p/chromium/issues/detail?id=75657 x_transferred
- http://googlechromereleases.blogspot.com/2011/03/dev-channel-update_17.html x_transferred