Unrated severityNVD Advisory· Published Jan 14, 2011· Updated Apr 29, 2026

CVE-2011-0484

Description

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Improper DOM node removal in Google Chrome before 8.0.552.237 allows remote attackers to cause denial of service via a stale rendering node.

Vulnerability

Google Chrome before version 8.0.552.237 and Chrome OS before version 8.0.552.344 improperly handle DOM node removal, leading to a stale rendering node. This vulnerability can be triggered by unknown vectors, likely involving crafted web content that manipulates the DOM in a way that leaves a reference to a removed node.

Exploitation

An attacker can exploit this vulnerability by convincing a user to visit a specially crafted web page. No authentication or special network position is required; the attack is remote and relies on standard browser rendering. The exact sequence of steps is not publicly disclosed, but the root cause is improper cleanup of rendering nodes after DOM removal.

Impact

Successful exploitation results in a denial of service (browser crash or hang). The description also mentions the possibility of unspecified other impact, though no details on code execution or data disclosure have been published.

Mitigation

Google addressed this vulnerability in Chrome 8.0.552.237 and Chrome OS 8.0.552.344. Users should update to these or later versions. No workarounds are available for unpatched versions.

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Google/Chrome2 versions
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*range: <8.0.552.237
- (no CPE)range: <8.0.552.237
Google/ChromeOS2 versions
cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*range: <8.0.552.344
- (no CPE)range: <8.0.552.344

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

code.google.com/p/chromium/issues/detailnvdExploitVendor Advisory
googlechromereleases.blogspot.com/2011/01/chrome-stable-release.htmlnvdVendor Advisory
secunia.com/advisories/42951nvdThird Party Advisory
www.securityfocus.com/bid/45788nvdThird Party AdvisoryVDB Entry
www.srware.net/forum/viewtopic.phpnvdThird Party Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/64675nvdThird Party AdvisoryVDB Entry
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14131nvdThird Party Advisory
osvdb.org/70467nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000