Unrated severityNVD Advisory· Published Apr 15, 2011· Updated Apr 29, 2026

CVE-2011-1691

Description

The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code.

Affected products

Google/Chrome
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Range: <11.0.696.43

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

trac.webkit.org/changeset/82222nvdPatch
code.google.com/p/chromium/issues/detailnvdExploitIssue TrackingPatchVendor Advisory
bugs.webkit.org/show_bug.cginvdExploitIssue TrackingPatchThird Party Advisory
googlechromereleases.blogspot.com/2011/04/beta-channel-update_12.htmlnvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/66818nvdThird Party AdvisoryVDB Entry
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14365nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000