CVE-2010-0663
Vulnerability from cvelistv5
Published
2010-02-18 17:19
Modified
2024-08-07 00:59
Severity ?
EPSS score ?
Summary
The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data, related to use of a (1) thumbnail database or (2) HTML canvas.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:38.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:14002",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14002"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
},
{
"name": "1023506",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023506"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=31307"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ParamTraits\u003cSkBitmap\u003e::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data, related to use of a (1) thumbnail database or (2) HTML canvas."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:14002",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14002"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
},
{
"name": "1023506",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023506"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=31307"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ParamTraits\u003cSkBitmap\u003e::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data, related to use of a (1) thumbnail database or (2) HTML canvas."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:14002",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14002"
},
{
"name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
},
{
"name": "1023506",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023506"
},
{
"name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
"refsource": "CONFIRM",
"url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=31307",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=31307"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0663",
"datePublished": "2010-02-18T17:19:00",
"dateReserved": "2010-02-18T00:00:00",
"dateUpdated": "2024-08-07T00:59:38.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2010-0663\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2010-02-18T18:00:01.097\",\"lastModified\":\"2024-11-21T01:12:41.653\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The ParamTraits\u003cSkBitmap\u003e::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data, related to use of a (1) thumbnail database or (2) HTML canvas.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n ParamTraits\u003cSkBitmap\u003e::Read en common/common_param_traits.cc en Google Chrome anterior a v4.0.249.78 no inicializa las ubicaciones de memoria que almacenan los datos de mapa de bits lo cual podr\u00eda permitir a atacantes remotos obtener informaci\u00f3n potencialmente sensible de la memoria del proceso proporcionando datos insuficientes, relacionados con el uso de una base de datos (1) de miniaturas (thumbnail)o de (2) lienzo HTML.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.0.249.0\",\"matchCriteriaId\":\"74697DF5-4F60-40DA-AADE-44288F4AAC18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D55D5075-D233-42D6-B1D6-77B7599650EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B8FF77A-7802-4963-B532-3F16C7BB012C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D73576CF-76EE-42A3-9955-D7991384B8C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD4A2AB1-6F90-4D0B-A673-C6310514CE63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66A4FEB5-11D8-4FFC-972D-A3B991176040\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6313614-FC3C-488C-B80B-191797319A56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CDF3DAB-73C4-48E8-9B0B-DADABF217555\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B2FAE50-4CA3-46F6-B533-C599011A9ED5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0D94F22-37B6-4938-966A-E1830D83FBC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8B7164E-7A4F-4959-9E6D-EF614EDD4C3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C0F9D75-B10D-468F-84D8-61B6A1230556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D2CAE29-3F1E-4374-B82C-B60B7BB4AEAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"173D539E-045E-4429-80C9-5749BECC6CD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2052352-FECC-4990-B0F4-A715694AD816\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCBC80CB-4AB8-4EDF-9940-D2D7124D7549\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E37938BB-8368-46D6-A8E4-F99F5CB9B82E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:1.0.154.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6659833E-E309-4797-84D4-A782237714A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:1.0.154.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4C0D93-0308-48D4-A953-9398B88E2868\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:1.0.154.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE5094C4-1338-4189-B5FD-C9AFFF091D6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51A8C3D2-82E6-453E-90B7-BA5C5D2CDF54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:1.0.154.65:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67C0798F-CC7F-4069-810E-B81F8BB77CCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.156.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2F95770-F36F-43C0-986F-5C819648271E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.157.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECCE1FD3-8D27-4304-97F9-6F9689F2498D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.157.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F6CA696-49AA-4445-B978-96C1D8CE58DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.158.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9CFA3BF-6C07-448B-8C83-AD4C524A6577\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.159.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8497F93-D88A-4FFA-B988-7210608530A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.169.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49FB50A3-FFDA-4BB9-A2C1-DA6DACC2DAAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.169.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59F93BC8-FE87-4CEC-B28A-4B0B5A468EDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.170.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02D459C7-2555-42FA-9C68-619E410D7CBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.172:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5CDF938-2998-403F-B343-29B620E05D44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.172.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64F89EA6-B411-4887-90A1-FF3A054424F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.172.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10D2BA3B-1C69-470C-9C40-001FAE82DDB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.172.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3583995C-CD74-401F-905D-65B73CFC4595\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.172.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0A621B1-3186-4CE2-8BCC-916027CC74CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.172.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4A9B50D-5B0F-41C9-8FAF-B78CD21A0554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.172.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F5223F1-85CD-4DF9-9665-BDF7B554A784\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.172.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DD7AFBA-A9A2-4EE9-B652-78D25EFBB690\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.172.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B9D6ED9-D5C5-4CA9-84EA-8007F48CF597\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:2.0.172.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E7F7897-ECD1-499E-81CD-E224241B6607\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:3.0.182.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7422307-271F-4953-9CA4-C50238D27BAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:3.0.190.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DCC3490-5B06-4992-8E31-CA46E18607B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:3.0.193.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2F85551-EDB5-4790-8095-EFFA7DEC7F98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:3.0.195.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FEBB1A8-295B-4AF7-996D-F7E415B91ECB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:3.0.195.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50995718-0F70-44CA-863B-4AFB4C7AF3CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:3.0.195.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31D2B04D-ECEB-4B9B-9DC7-FE17C13DD72A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:3.0.195.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7460B03-A658-4507-8D9E-E0234940BD71\"}]}]}],\"references\":[{\"url\":\"http://code.google.com/p/chromium/issues/detail?id=31307\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://securitytracker.com/id?1023506\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14002\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://code.google.com/p/chromium/issues/detail?id=31307\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://securitytracker.com/id?1023506\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.