PT-2010-2397 · Google · Google Chrome+1
Publicado
2010-02-18
·
Atualizado
2017-09-19
·
CVE-2010-0645
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 4.0.249.89
Google V8 versions prior to r3560
Description
The issue is caused by multiple integer overflows in the factory.cc file of Google V8, which is used in Google Chrome. This allows remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.
Recommendations
For Google Chrome versions prior to 4.0.249.89, update to version 4.0.249.89 or later to resolve the issue.
For Google V8 versions prior to r3560, update to version r3560 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Google Chrome
Google V8