Unrated severityNVD Advisory· Published Jan 14, 2011· Updated Apr 29, 2026

CVE-2011-0471

Description

The node-iteration implementation in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 does not properly handle pointers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A pointer handling flaw in Chrome's node-iteration code before 8.0.552.237 allows remote attackers to cause a denial of service via unknown vectors.

Vulnerability

The node-iteration implementation in Google Chrome before version 8.0.552.237 and Chrome OS before version 8.0.552.344 does not properly handle pointers. This memory safety issue can be triggered by remote attackers via unknown vectors, likely involving crafted web content that exploits the improper pointer handling during DOM node iteration.

Exploitation

An attacker can exploit this vulnerability by enticing a user to visit a specially crafted web page. The exact exploitation steps are not disclosed, but the vulnerability is remotely exploitable without authentication. The attacker does not require any special network position beyond serving the malicious page.

Impact

Successful exploitation leads to a denial of service, potentially crashing the browser. The description also notes the possibility of unspecified other impact, which could include memory corruption leading to arbitrary code execution, though this is not confirmed.

Mitigation

The vulnerability is fixed in Google Chrome version 8.0.552.237 and later, and in Chrome OS version 8.0.552.344 and later. Users should update their browsers to these versions or newer. No workarounds are available.

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Google/Chrome2 versions
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*range: <8.0.552.237
- (no CPE)range: <8.0.552.237
Google/ChromeOS2 versions
cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*range: <8.0.552.344
- (no CPE)range: <8.0.552.344

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

googlechromereleases.blogspot.com/2011/01/chrome-stable-release.htmlnvdVendor Advisory
secunia.com/advisories/42951nvdThird Party Advisory
www.securityfocus.com/bid/45788nvdThird Party AdvisoryVDB Entry
www.srware.net/forum/viewtopic.phpnvdThird Party Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/64662nvdThird Party AdvisoryVDB Entry
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13710nvdThird Party Advisory
code.google.com/p/chromium/issues/detailnvdPermissions Required
osvdb.org/70454nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000