PT-2010-5541 · Google · Chrome Os+1
Publicado
2010-12-22
·
Atualizado
2020-07-31
·
CVE-2010-4574
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 8.0.552.224
Chrome OS versions prior to 8.0.552.343
Description
The issue is related to the Pickle::Pickle function in Google Chrome and Chrome OS, which does not properly perform pointer arithmetic. This allows remote attackers to bypass message deserialization validation, potentially causing a denial of service or having other unspecified impacts, via invalid pickle data.
Recommendations
For Google Chrome versions prior to 8.0.552.224, update to version 8.0.552.224 or later.
For Chrome OS versions prior to 8.0.552.343, update to version 8.0.552.343 or later.
Correção
Deserialization of Untrusted Data
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Chrome Os
Google Chrome