ID CVE-2010-0659
Summary The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed GIF file that specifies a large size.
References
Vulnerable Configurations
  • cpe:2.3:a:apple:webkit:r53524
  • cpe:2.3:a:google:chrome:3.0.195.33
  • Google Chrome 4.0.249.78
    cpe:2.3:a:google:chrome:4.0.249.78
  • cpe:2.3:a:google:chrome:1.0.154.59
  • Google Chrome 3.0.195.24
    cpe:2.3:a:google:chrome:3.0.195.24
  • Google Chrome 2.0.172.28
    cpe:2.3:a:google:chrome:2.0.172.28
  • cpe:2.3:a:google:chrome:1.0.154.36
  • Google Chrome 3.0.193.2:beta
    cpe:2.3:a:google:chrome:3.0.193.2:beta
  • Google Chrome 1.0.154.53
    cpe:2.3:a:google:chrome:1.0.154.53
  • cpe:2.3:a:google:chrome:4.0.244.0
  • Google Chrome 3.0.195.32
    cpe:2.3:a:google:chrome:3.0.195.32
  • cpe:2.3:a:google:chrome:1.0.154.48
  • Google Chrome 2.0.157.0
    cpe:2.3:a:google:chrome:2.0.157.0
  • Google Chrome 2.0.172.38
    cpe:2.3:a:google:chrome:2.0.172.38
  • cpe:2.3:a:google:chrome:2.0.157.2
  • Google Chrome 2.0.172.8
    cpe:2.3:a:google:chrome:2.0.172.8
  • cpe:2.3:a:google:chrome:2.0.172.2
  • cpe:2.3:a:google:chrome:2.0.156.1
  • Google Chrome 2.0.172.27
    cpe:2.3:a:google:chrome:2.0.172.27
  • cpe:2.3:a:google:chrome:3.0.195.21
  • cpe:2.3:a:google:chrome:3.0.182.2
  • cpe:2.3:a:google:chrome:3.0.190.2
  • Google Chrome 0.3.154.3
    cpe:2.3:a:google:chrome:0.3.154.3
  • Google Chrome 2.0.172.31
    cpe:2.3:a:google:chrome:2.0.172.31
  • Google Chrome 0.4.154.18
    cpe:2.3:a:google:chrome:0.4.154.18
  • cpe:2.3:a:google:chrome:2.0.172.30
  • cpe:2.3:a:google:chrome:0.2.153.1
  • Google Chrome 0.3.154.0
    cpe:2.3:a:google:chrome:0.3.154.0
  • cpe:2.3:a:google:chrome:2.0.172.33
  • cpe:2.3:a:google:chrome:1.0.154.46
  • Google Chrome 2.0.169.1
    cpe:2.3:a:google:chrome:2.0.169.1
  • cpe:2.3:a:google:chrome:2.0.172
  • cpe:2.3:a:google:chrome:0.2.152.1
  • cpe:2.3:a:google:chrome:2.0.170.0
  • cpe:2.3:a:google:chrome:2.0.158.0
  • Google Chrome 2.0.159.0
    cpe:2.3:a:google:chrome:2.0.159.0
  • cpe:2.3:a:google:chrome:2.0.169.0
  • Google Chrome 0.4.154.31
    cpe:2.3:a:google:chrome:0.4.154.31
  • Google Chrome 0.4.154.22
    cpe:2.3:a:google:chrome:0.4.154.22
  • Google Chrome 1.0.154.39
    cpe:2.3:a:google:chrome:1.0.154.39
  • cpe:2.3:a:google:chrome:0.4.154.33
  • Google Chrome 0.2.149.27
    cpe:2.3:a:google:chrome:0.2.149.27
  • Google Chrome 1.0.154.42
    cpe:2.3:a:google:chrome:1.0.154.42
  • cpe:2.3:a:google:chrome:1.0.154.65
  • Google Chrome 2.0.172.37
    cpe:2.3:a:google:chrome:2.0.172.37
  • cpe:2.3:a:google:chrome:0.2.149.29
  • cpe:2.3:a:google:chrome:0.2.149.30
  • cpe:2.3:a:google:chrome:1.0.154.43
  • cpe:2.3:a:google:chrome:1.0.154.52
CVSS
Base: 9.3 (as of 19-02-2010 - 12:26)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
Vector: NETWORK
Complexity: MEDIUM
Authentication: NONE
Impact
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
nessus via4
  • NASL family Windows
    NASL id GOOGLE_CHROME_4_0_249_78.NASL
    description The version of Google Chrome installed on the remote host is earlier than 4.0.249.78. Such versions are reportedly affected by multiple vulnerabilities:
      - A pop-up blocker bypass. (Issue #3275)
      - Cross-domain theft due to CSS design error. (Issue #9877)
      - Browser memory error with stale pop-up block menu. (Issue #12523)
      - An unspecified error allows XMLHttpRequests to directories. (Issue #20450)
      - An unspecified error exists related to escaping characters in shortcuts. (Issue #23693)
      - Renderer memory errors exist when drawing on canvases. (Issue #8864, #24701, #24646)
      - An image decoding memory error. (Issue #28566)
      - An unspecified error exists that could result in failure to strip 'Referer'. (Issue #29920)
      - An unspecified cross-domain access error. (Issue #30666)
      - An unspecified bitmap deserialization error. (Issue #31307)
      - An unspecified browser crash related to nested URLs. (Issue #31517)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 44317
    published 2010-01-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44317
    title Google Chrome < 4.0.249.78 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_LIBWEBKIT-110111.NASL
    description Various bugs in webkit have been fixed. The CVE id's are : CVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685, CVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689, CVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693, CVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697, CVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701, CVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714, CVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725, CVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419, CVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272, CVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315, CVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651, CVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029, CVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386, CVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406, CVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749, CVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760, CVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764, CVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791, 
CVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822, CVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264, CVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301, CVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257, CVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 53764
    published 2011-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53764
    title openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_LIBWEBKIT-110104.NASL
    description Various bugs in webkit have been fixed. The CVE id's are : CVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685, CVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689, CVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693, CVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697, CVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701, CVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714, CVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725, CVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419, CVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272, CVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315, CVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651, CVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029, CVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386, CVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406, CVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749, CVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760, CVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764, CVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791, 
CVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822, CVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264, CVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301, CVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257, CVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75629
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75629
    title openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)
oval via4
accepted 2014-04-07T04:00:42.283-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization DTCC
  • name Shane Shaffer
    organization G2, Inc.
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Google Chrome is installed
    oval oval:org.mitre.oval:def:11914
description The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed GIF file that specifies a large size.
family windows
id oval:org.mitre.oval:def:14079
status accepted
submitted 2011-11-25T18:05:45.000-05:00
title The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed GIF file that specifies a large size.
version 52
refmap via4
confirm
sectrack 1023506
secunia 43068
suse SUSE-SR:2011:002
vupen ADV-2011-0212
Last major update 26-01-2012 - 22:48
Published 18-02-2010 - 13:00
Last modified 18-09-2017 - 21:30