PT-2010-2397 · Google · Google Chrome+1

Published

2010-02-18

Updated

2017-09-19

CVE-2010-0645

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 4.0.249.89 Google V8 versions prior to r3560

Description The issue is caused by multiple integer overflows in the factory.cc file of Google V8, which is used in Google Chrome. This allows remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.

Recommendations For Google Chrome versions prior to 4.0.249.89, update to version 4.0.249.89 or later to resolve the issue. For Google V8 versions prior to r3560, update to version r3560 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

CVE-2010-0645

Affected Products

Google Chrome

Google V8

PT-2010-2397 · Google · Google Chrome+1

CVE-2010-0645

Weakness Enumeration

Related Identifiers

Affected Products

References · 13