certfr_avis - certa-2010-avi-077

CVE-2010-0663 (GCVE-0-2010-0663)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data, related to use of a (1) thumbnail database or (2) HTML canvas.

References

URL

Tags

	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14002	vdb-entry, signature, x_refsource_OVAL
	http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	x_refsource_CONFIRM
	http://securitytracker.com/id?1023506	vdb-entry, x_refsource_SECTRACK
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://code.google.com/p/chromium/issues/detail?id=31307	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.526Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:14002",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14002"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
          },
          {
            "name": "1023506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=31307"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ParamTraits\u003cSkBitmap\u003e::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data, related to use of a (1) thumbnail database or (2) HTML canvas."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:14002",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14002"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
        },
        {
          "name": "1023506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=31307"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0663",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ParamTraits\u003cSkBitmap\u003e::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data, related to use of a (1) thumbnail database or (2) HTML canvas."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:14002",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14002"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
            },
            {
              "name": "1023506",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023506"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=31307",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=31307"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0663",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.526Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0650 (GCVE-0-2010-0650)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.

References

URL

Tags

	http://www.mandriva.com/security/advisories?name=MDVSA-2011:039	vendor-advisory, x_refsource_MANDRIVA
	http://www.securityfocus.com/bid/38373	vdb-entry, x_refsource_BID
	http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/2722	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/43068	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1006-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/41856	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0212	vdb-entry, x_refsource_VUPEN
	http://code.google.com/p/chromium/issues/detail?id=3275	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13791	vdb-entry, signature, x_refsource_OVAL
	http://securitytracker.com/id?1023506	vdb-entry, x_refsource_SECTRACK
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	vendor-advisory, x_refsource_SUSE
	https://bugs.webkit.org/show_bug.cgi?id=21501	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0552	vdb-entry, x_refsource_VUPEN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.370Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2011:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
          },
          {
            "name": "38373",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38373"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
          },
          {
            "name": "ADV-2010-2722",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2722"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "USN-1006-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1006-1"
          },
          {
            "name": "41856",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41856"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=3275"
          },
          {
            "name": "oval:org.mitre.oval:def:13791",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13791"
          },
          {
            "name": "1023506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.webkit.org/show_bug.cgi?id=21501"
          },
          {
            "name": "ADV-2011-0552",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0552"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MDVSA-2011:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
        },
        {
          "name": "38373",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38373"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
        },
        {
          "name": "ADV-2010-2722",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2722"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "name": "USN-1006-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1006-1"
        },
        {
          "name": "41856",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41856"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=3275"
        },
        {
          "name": "oval:org.mitre.oval:def:13791",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13791"
        },
        {
          "name": "1023506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.webkit.org/show_bug.cgi?id=21501"
        },
        {
          "name": "ADV-2011-0552",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0552"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0650",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2011:039",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
            },
            {
              "name": "38373",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38373"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
            },
            {
              "name": "ADV-2010-2722",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2722"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "USN-1006-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1006-1"
            },
            {
              "name": "41856",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41856"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=3275",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=3275"
            },
            {
              "name": "oval:org.mitre.oval:def:13791",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13791"
            },
            {
              "name": "1023506",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023506"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "https://bugs.webkit.org/show_bug.cgi?id=21501",
              "refsource": "CONFIRM",
              "url": "https://bugs.webkit.org/show_bug.cgi?id=21501"
            },
            {
              "name": "ADV-2011-0552",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0552"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0650",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.370Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0656 (GCVE-0-2010-0656)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

WebKit before r51295, as used in Google Chrome before 4.0.249.78, presents a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory, which allows attackers to obtain sensitive information or possibly have unspecified other impact via a crafted local HTML document.

References

URL

Tags

	http://www.mandriva.com/security/advisories?name=MDVSA-2011:039	vendor-advisory, x_refsource_MANDRIVA
	http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/2722	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/43068	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1006-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/41856	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0212	vdb-entry, x_refsource_VUPEN
	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html	vendor-advisory, x_refsource_FEDORA
	http://securitytracker.com/id?1023506	vdb-entry, x_refsource_SECTRACK
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://trac.webkit.org/changeset/51295	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/38372	vdb-entry, x_refsource_BID
	http://code.google.com/p/chromium/issues/detail?id=20450	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14501	vdb-entry, signature, x_refsource_OVAL
	https://bugs.webkit.org/show_bug.cgi?id=31329	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0552	vdb-entry, x_refsource_VUPEN
	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html	vendor-advisory, x_refsource_FEDORA
	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html	vendor-advisory, x_refsource_FEDORA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.156Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2011:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
          },
          {
            "name": "ADV-2010-2722",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2722"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "USN-1006-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1006-1"
          },
          {
            "name": "41856",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41856"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "FEDORA-2010-8360",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html"
          },
          {
            "name": "1023506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.webkit.org/changeset/51295"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "38372",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38372"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=20450"
          },
          {
            "name": "oval:org.mitre.oval:def:14501",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14501"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.webkit.org/show_bug.cgi?id=31329"
          },
          {
            "name": "ADV-2011-0552",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0552"
          },
          {
            "name": "FEDORA-2010-8379",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html"
          },
          {
            "name": "FEDORA-2010-8423",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit before r51295, as used in Google Chrome before 4.0.249.78, presents a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory, which allows attackers to obtain sensitive information or possibly have unspecified other impact via a crafted local HTML document."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MDVSA-2011:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
        },
        {
          "name": "ADV-2010-2722",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2722"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "name": "USN-1006-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1006-1"
        },
        {
          "name": "41856",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41856"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "name": "FEDORA-2010-8360",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html"
        },
        {
          "name": "1023506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.webkit.org/changeset/51295"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "name": "38372",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38372"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=20450"
        },
        {
          "name": "oval:org.mitre.oval:def:14501",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14501"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.webkit.org/show_bug.cgi?id=31329"
        },
        {
          "name": "ADV-2011-0552",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0552"
        },
        {
          "name": "FEDORA-2010-8379",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html"
        },
        {
          "name": "FEDORA-2010-8423",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0656",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit before r51295, as used in Google Chrome before 4.0.249.78, presents a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory, which allows attackers to obtain sensitive information or possibly have unspecified other impact via a crafted local HTML document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2011:039",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
            },
            {
              "name": "ADV-2010-2722",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2722"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "USN-1006-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1006-1"
            },
            {
              "name": "41856",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41856"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "FEDORA-2010-8360",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html"
            },
            {
              "name": "1023506",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023506"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "http://trac.webkit.org/changeset/51295",
              "refsource": "CONFIRM",
              "url": "http://trac.webkit.org/changeset/51295"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "38372",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38372"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=20450",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=20450"
            },
            {
              "name": "oval:org.mitre.oval:def:14501",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14501"
            },
            {
              "name": "https://bugs.webkit.org/show_bug.cgi?id=31329",
              "refsource": "CONFIRM",
              "url": "https://bugs.webkit.org/show_bug.cgi?id=31329"
            },
            {
              "name": "ADV-2011-0552",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0552"
            },
            {
              "name": "FEDORA-2010-8379",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html"
            },
            {
              "name": "FEDORA-2010-8423",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0656",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.156Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0644 (GCVE-0-2010-0644)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is configured, sends DNS queries directly, which allows remote DNS servers to obtain potentially sensitive information about the identity of a client user via request logging, as demonstrated by a proxy server that was configured for the purpose of anonymity.

References

URL

Tags

	http://www.securityfocus.com/bid/38177	vdb-entry, x_refsource_BID
	http://code.google.com/p/chromium/issues/detail?id=29914	x_refsource_CONFIRM
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://securitytracker.com/id?1023583	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2010/0361	vdb-entry, x_refsource_VUPEN
	http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13926	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/38545	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:37.931Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38177",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38177"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=29914"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "name": "1023583",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023583"
          },
          {
            "name": "ADV-2010-0361",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0361"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
          },
          {
            "name": "oval:org.mitre.oval:def:13926",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13926"
          },
          {
            "name": "38545",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38545"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is configured, sends DNS queries directly, which allows remote DNS servers to obtain potentially sensitive information about the identity of a client user via request logging, as demonstrated by a proxy server that was configured for the purpose of anonymity."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "38177",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38177"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=29914"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "name": "1023583",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023583"
        },
        {
          "name": "ADV-2010-0361",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0361"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
        },
        {
          "name": "oval:org.mitre.oval:def:13926",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13926"
        },
        {
          "name": "38545",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38545"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0644",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is configured, sends DNS queries directly, which allows remote DNS servers to obtain potentially sensitive information about the identity of a client user via request logging, as demonstrated by a proxy server that was configured for the purpose of anonymity."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "38177",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38177"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=29914",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=29914"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "1023583",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023583"
            },
            {
              "name": "ADV-2010-0361",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0361"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
            },
            {
              "name": "oval:org.mitre.oval:def:13926",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13926"
            },
            {
              "name": "38545",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38545"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0644",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:37.931Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0646 (GCVE-0-2010-0646)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilities/56213	vdb-entry, x_refsource_XF
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14222	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/bid/38177	vdb-entry, x_refsource_BID
	http://code.google.com/p/v8/source/detail?r=3560	x_refsource_CONFIRM
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://securitytracker.com/id?1023583	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2010/0361	vdb-entry, x_refsource_VUPEN
	http://code.google.com/p/chromium/issues/detail?id=31009	x_refsource_CONFIRM
	http://www.osvdb.org/62316	vdb-entry, x_refsource_OSVDB
	http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html	x_refsource_CONFIRM
	http://codereview.chromium.org/525064	x_refsource_CONFIRM
	http://secunia.com/advisories/38545	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.642Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "googlechrome-v8engine-code-exec(56213)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56213"
          },
          {
            "name": "oval:org.mitre.oval:def:14222",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14222"
          },
          {
            "name": "38177",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38177"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/v8/source/detail?r=3560"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "name": "1023583",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023583"
          },
          {
            "name": "ADV-2010-0361",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0361"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=31009"
          },
          {
            "name": "62316",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/62316"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://codereview.chromium.org/525064"
          },
          {
            "name": "38545",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38545"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "googlechrome-v8engine-code-exec(56213)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56213"
        },
        {
          "name": "oval:org.mitre.oval:def:14222",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14222"
        },
        {
          "name": "38177",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38177"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/v8/source/detail?r=3560"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "name": "1023583",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023583"
        },
        {
          "name": "ADV-2010-0361",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0361"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=31009"
        },
        {
          "name": "62316",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/62316"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://codereview.chromium.org/525064"
        },
        {
          "name": "38545",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38545"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0646",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "googlechrome-v8engine-code-exec(56213)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56213"
            },
            {
              "name": "oval:org.mitre.oval:def:14222",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14222"
            },
            {
              "name": "38177",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38177"
            },
            {
              "name": "http://code.google.com/p/v8/source/detail?r=3560",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/v8/source/detail?r=3560"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "1023583",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023583"
            },
            {
              "name": "ADV-2010-0361",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0361"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=31009",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=31009"
            },
            {
              "name": "62316",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/62316"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
            },
            {
              "name": "http://codereview.chromium.org/525064",
              "refsource": "CONFIRM",
              "url": "http://codereview.chromium.org/525064"
            },
            {
              "name": "38545",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38545"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0646",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.642Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0655 (GCVE-0-2010-0655)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a different web site.

References

URL

Tags

	http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	x_refsource_CONFIRM
	http://securitytracker.com/id?1023506	vdb-entry, x_refsource_SECTRACK
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://secunia.com/secunia_research/2009-65/	x_refsource_MISC
	http://code.google.com/p/chromium/issues/detail?id=12523	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14069	vdb-entry, signature, x_refsource_OVAL

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.283Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
          },
          {
            "name": "1023506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2009-65/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=12523"
          },
          {
            "name": "oval:org.mitre.oval:def:14069",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14069"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a different web site."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
        },
        {
          "name": "1023506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2009-65/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=12523"
        },
        {
          "name": "oval:org.mitre.oval:def:14069",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14069"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0655",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a different web site."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
            },
            {
              "name": "1023506",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023506"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "http://secunia.com/secunia_research/2009-65/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2009-65/"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=12523",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=12523"
            },
            {
              "name": "oval:org.mitre.oval:def:14069",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14069"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0655",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.283Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0649 (GCVE-0-2010-0649)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages.

References

URL

Tags

	http://www.securityfocus.com/bid/38177	vdb-entry, x_refsource_BID
	http://code.google.com/p/chromium/issues/detail?id=32915	x_refsource_CONFIRM
	http://www.osvdb.org/62320	vdb-entry, x_refsource_OSVDB
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14256	vdb-entry, signature, x_refsource_OVAL
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/56217	vdb-entry, x_refsource_XF
	http://securitytracker.com/id?1023583	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2010/0361	vdb-entry, x_refsource_VUPEN
	http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html	x_refsource_CONFIRM
	http://secunia.com/advisories/38545	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.200Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38177",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38177"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=32915"
          },
          {
            "name": "62320",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/62320"
          },
          {
            "name": "oval:org.mitre.oval:def:14256",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14256"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "name": "googlechrome-sandbox-code-exec(56217)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56217"
          },
          {
            "name": "1023583",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023583"
          },
          {
            "name": "ADV-2010-0361",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0361"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
          },
          {
            "name": "38545",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38545"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "38177",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38177"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=32915"
        },
        {
          "name": "62320",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/62320"
        },
        {
          "name": "oval:org.mitre.oval:def:14256",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14256"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "name": "googlechrome-sandbox-code-exec(56217)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56217"
        },
        {
          "name": "1023583",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023583"
        },
        {
          "name": "ADV-2010-0361",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0361"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
        },
        {
          "name": "38545",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38545"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0649",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "38177",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38177"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=32915",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=32915"
            },
            {
              "name": "62320",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/62320"
            },
            {
              "name": "oval:org.mitre.oval:def:14256",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14256"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "googlechrome-sandbox-code-exec(56217)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56217"
            },
            {
              "name": "1023583",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023583"
            },
            {
              "name": "ADV-2010-0361",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0361"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
            },
            {
              "name": "38545",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38545"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0649",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.200Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0657 (GCVE-0-2010-0657)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

Google Chrome before 4.0.249.78 on Windows does not perform the expected encoding, escaping, and quoting for the URL in the --app argument in a desktop shortcut, which allows user-assisted remote attackers to execute arbitrary programs or obtain sensitive information by tricking a user into creating a crafted shortcut.

References

URL

Tags

	http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14306	vdb-entry, signature, x_refsource_OVAL
	http://securitytracker.com/id?1023506	vdb-entry, x_refsource_SECTRACK
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://code.google.com/p/chromium/issues/detail?id=23693	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.311Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
          },
          {
            "name": "oval:org.mitre.oval:def:14306",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14306"
          },
          {
            "name": "1023506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=23693"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Google Chrome before 4.0.249.78 on Windows does not perform the expected encoding, escaping, and quoting for the URL in the --app argument in a desktop shortcut, which allows user-assisted remote attackers to execute arbitrary programs or obtain sensitive information by tricking a user into creating a crafted shortcut."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
        },
        {
          "name": "oval:org.mitre.oval:def:14306",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14306"
        },
        {
          "name": "1023506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=23693"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0657",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Google Chrome before 4.0.249.78 on Windows does not perform the expected encoding, escaping, and quoting for the URL in the --app argument in a desktop shortcut, which allows user-assisted remote attackers to execute arbitrary programs or obtain sensitive information by tricking a user into creating a crafted shortcut."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
            },
            {
              "name": "oval:org.mitre.oval:def:14306",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14306"
            },
            {
              "name": "1023506",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023506"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=23693",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=23693"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0657",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0660 (GCVE-0-2010-0660)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging.

References

URL

Tags

	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14247	vdb-entry, signature, x_refsource_OVAL
	http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	x_refsource_CONFIRM
	http://securitytracker.com/id?1023506	vdb-entry, x_refsource_SECTRACK
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://code.google.com/p/chromium/issues/detail?id=29920	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:37.954Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:14247",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14247"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
          },
          {
            "name": "1023506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=29920"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:14247",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14247"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
        },
        {
          "name": "1023506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=29920"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0660",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:14247",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14247"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
            },
            {
              "name": "1023506",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023506"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=29920",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=29920"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0660",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:37.954Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0658 (GCVE-0-2010-0658)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements.

References

URL

Tags

	http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	x_refsource_CONFIRM
	http://code.google.com/p/chromium/issues/detail?id=8864	x_refsource_CONFIRM
	http://securitytracker.com/id?1023506	vdb-entry, x_refsource_SECTRACK
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://code.google.com/p/chromium/issues/detail?id=24071	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13852	vdb-entry, signature, x_refsource_OVAL
	http://code.google.com/p/chromium/issues/detail?id=24646	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.318Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=8864"
          },
          {
            "name": "1023506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=24071"
          },
          {
            "name": "oval:org.mitre.oval:def:13852",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13852"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=24646"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=8864"
        },
        {
          "name": "1023506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=24071"
        },
        {
          "name": "oval:org.mitre.oval:def:13852",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13852"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=24646"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0658",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=8864",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=8864"
            },
            {
              "name": "1023506",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023506"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=24071",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=24071"
            },
            {
              "name": "oval:org.mitre.oval:def:13852",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13852"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=24646",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=24646"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0658",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.318Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0651 (GCVE-0-2010-0651)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.

References

URL

Tags

	http://www.mandriva.com/security/advisories?name=MDVSA-2011:039	vendor-advisory, x_refsource_MANDRIVA
	http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/2722	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/43068	third-party-advisory, x_refsource_SECUNIA
	http://code.google.com/p/chromium/issues/detail?id=9877	x_refsource_CONFIRM
	http://scarybeastsecurity.blogspot.com/2009/12/generic-cross-browser-cross-domain.html	x_refsource_MISC
	http://www.ubuntu.com/usn/USN-1006-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/41856	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0212	vdb-entry, x_refsource_VUPEN
	http://trac.webkit.org/changeset/52784	x_refsource_CONFIRM
	http://websec.sv.cmu.edu/css/css.pdf	x_refsource_MISC
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13653	vdb-entry, signature, x_refsource_OVAL
	http://securitytracker.com/id?1023506	vdb-entry, x_refsource_SECTRACK
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	vendor-advisory, x_refsource_SUSE
	https://bugs.webkit.org/show_bug.cgi?id=29820	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0552	vdb-entry, x_refsource_VUPEN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:37.860Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2011:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
          },
          {
            "name": "ADV-2010-2722",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2722"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=9877"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scarybeastsecurity.blogspot.com/2009/12/generic-cross-browser-cross-domain.html"
          },
          {
            "name": "USN-1006-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1006-1"
          },
          {
            "name": "41856",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41856"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.webkit.org/changeset/52784"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://websec.sv.cmu.edu/css/css.pdf"
          },
          {
            "name": "oval:org.mitre.oval:def:13653",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13653"
          },
          {
            "name": "1023506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.webkit.org/show_bug.cgi?id=29820"
          },
          {
            "name": "ADV-2011-0552",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0552"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MDVSA-2011:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
        },
        {
          "name": "ADV-2010-2722",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2722"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=9877"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scarybeastsecurity.blogspot.com/2009/12/generic-cross-browser-cross-domain.html"
        },
        {
          "name": "USN-1006-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1006-1"
        },
        {
          "name": "41856",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41856"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.webkit.org/changeset/52784"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://websec.sv.cmu.edu/css/css.pdf"
        },
        {
          "name": "oval:org.mitre.oval:def:13653",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13653"
        },
        {
          "name": "1023506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.webkit.org/show_bug.cgi?id=29820"
        },
        {
          "name": "ADV-2011-0552",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0552"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0651",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2011:039",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
            },
            {
              "name": "ADV-2010-2722",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2722"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=9877",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=9877"
            },
            {
              "name": "http://scarybeastsecurity.blogspot.com/2009/12/generic-cross-browser-cross-domain.html",
              "refsource": "MISC",
              "url": "http://scarybeastsecurity.blogspot.com/2009/12/generic-cross-browser-cross-domain.html"
            },
            {
              "name": "USN-1006-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1006-1"
            },
            {
              "name": "41856",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41856"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "http://trac.webkit.org/changeset/52784",
              "refsource": "CONFIRM",
              "url": "http://trac.webkit.org/changeset/52784"
            },
            {
              "name": "http://websec.sv.cmu.edu/css/css.pdf",
              "refsource": "MISC",
              "url": "http://websec.sv.cmu.edu/css/css.pdf"
            },
            {
              "name": "oval:org.mitre.oval:def:13653",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13653"
            },
            {
              "name": "1023506",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023506"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "https://bugs.webkit.org/show_bug.cgi?id=29820",
              "refsource": "CONFIRM",
              "url": "https://bugs.webkit.org/show_bug.cgi?id=29820"
            },
            {
              "name": "ADV-2011-0552",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0552"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0651",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:37.860Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0659 (GCVE-0-2010-0659)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed GIF file that specifies a large size.

References

URL

Tags

	http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	x_refsource_CONFIRM
	http://secunia.com/advisories/43068	third-party-advisory, x_refsource_SECUNIA
	http://trac.webkit.org/changeset/52833	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0212	vdb-entry, x_refsource_VUPEN
	https://bugs.webkit.org/show_bug.cgi?id=33231	x_refsource_CONFIRM
	http://securitytracker.com/id?1023506	vdb-entry, x_refsource_SECTRACK
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://code.google.com/p/chromium/issues/detail?id=28566	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	vendor-advisory, x_refsource_SUSE
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14079	vdb-entry, signature, x_refsource_OVAL

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.221Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.webkit.org/changeset/52833"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.webkit.org/show_bug.cgi?id=33231"
          },
          {
            "name": "1023506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=28566"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "oval:org.mitre.oval:def:14079",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14079"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed GIF file that specifies a large size."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.webkit.org/changeset/52833"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.webkit.org/show_bug.cgi?id=33231"
        },
        {
          "name": "1023506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=28566"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "name": "oval:org.mitre.oval:def:14079",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14079"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0659",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed GIF file that specifies a large size."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "http://trac.webkit.org/changeset/52833",
              "refsource": "CONFIRM",
              "url": "http://trac.webkit.org/changeset/52833"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "https://bugs.webkit.org/show_bug.cgi?id=33231",
              "refsource": "CONFIRM",
              "url": "https://bugs.webkit.org/show_bug.cgi?id=33231"
            },
            {
              "name": "1023506",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023506"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=28566",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=28566"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "oval:org.mitre.oval:def:14079",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14079"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0659",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.221Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0647 (GCVE-0-2010-0647)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a <ruby>><table><rt> sequence.

References

URL

Tags

	http://www.mandriva.com/security/advisories?name=MDVSA-2011:039	vendor-advisory, x_refsource_MANDRIVA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14094	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/bid/38177	vdb-entry, x_refsource_BID
	http://www.osvdb.org/62317	vdb-entry, x_refsource_OSVDB
	http://www.vupen.com/english/advisories/2010/2722	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/43068	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1006-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/41856	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0212	vdb-entry, x_refsource_VUPEN
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/56214	vdb-entry, x_refsource_XF
	http://securitytracker.com/id?1023583	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2010/0361	vdb-entry, x_refsource_VUPEN
	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	vendor-advisory, x_refsource_SUSE
	https://bugs.webkit.org/show_bug.cgi?id=33266	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0552	vdb-entry, x_refsource_VUPEN
	http://trac.webkit.org/changeset/53525	x_refsource_CONFIRM
	http://code.google.com/p/chromium/issues/detail?id=31692	x_refsource_CONFIRM
	http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html	x_refsource_CONFIRM
	http://secunia.com/advisories/38545	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.205Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2011:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
          },
          {
            "name": "oval:org.mitre.oval:def:14094",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14094"
          },
          {
            "name": "38177",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38177"
          },
          {
            "name": "62317",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/62317"
          },
          {
            "name": "ADV-2010-2722",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2722"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "USN-1006-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1006-1"
          },
          {
            "name": "41856",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41856"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "name": "googlechrome-ruby-tags-code-exec(56214)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56214"
          },
          {
            "name": "1023583",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023583"
          },
          {
            "name": "ADV-2010-0361",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0361"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.webkit.org/show_bug.cgi?id=33266"
          },
          {
            "name": "ADV-2011-0552",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0552"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.webkit.org/changeset/53525"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=31692"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
          },
          {
            "name": "38545",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38545"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a \u003cruby\u003e\u003e\u003ctable\u003e\u003crt\u003e sequence."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MDVSA-2011:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
        },
        {
          "name": "oval:org.mitre.oval:def:14094",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14094"
        },
        {
          "name": "38177",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38177"
        },
        {
          "name": "62317",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/62317"
        },
        {
          "name": "ADV-2010-2722",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2722"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "name": "USN-1006-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1006-1"
        },
        {
          "name": "41856",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41856"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "name": "googlechrome-ruby-tags-code-exec(56214)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56214"
        },
        {
          "name": "1023583",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023583"
        },
        {
          "name": "ADV-2010-0361",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0361"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.webkit.org/show_bug.cgi?id=33266"
        },
        {
          "name": "ADV-2011-0552",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0552"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.webkit.org/changeset/53525"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=31692"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
        },
        {
          "name": "38545",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38545"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0647",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a \u003cruby\u003e\u003e\u003ctable\u003e\u003crt\u003e sequence."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2011:039",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
            },
            {
              "name": "oval:org.mitre.oval:def:14094",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14094"
            },
            {
              "name": "38177",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38177"
            },
            {
              "name": "62317",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/62317"
            },
            {
              "name": "ADV-2010-2722",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2722"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "USN-1006-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1006-1"
            },
            {
              "name": "41856",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41856"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "googlechrome-ruby-tags-code-exec(56214)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56214"
            },
            {
              "name": "1023583",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023583"
            },
            {
              "name": "ADV-2010-0361",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0361"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "https://bugs.webkit.org/show_bug.cgi?id=33266",
              "refsource": "CONFIRM",
              "url": "https://bugs.webkit.org/show_bug.cgi?id=33266"
            },
            {
              "name": "ADV-2011-0552",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0552"
            },
            {
              "name": "http://trac.webkit.org/changeset/53525",
              "refsource": "CONFIRM",
              "url": "http://trac.webkit.org/changeset/53525"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=31692",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=31692"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
            },
            {
              "name": "38545",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38545"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0647",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.205Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0661 (GCVE-0-2010-0661)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome before 4.0.249.78, allows remote attackers to bypass the Same Origin Policy via vectors involving the window.open method.

References

URL

Tags

	http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	x_refsource_CONFIRM
	http://secunia.com/advisories/43068	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0212	vdb-entry, x_refsource_VUPEN
	http://securitytracker.com/id?1023506	vdb-entry, x_refsource_SECTRACK
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://code.google.com/p/chromium/issues/detail?id=30660	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://flock.com/security/	x_refsource_CONFIRM
	https://bugs.webkit.org/show_bug.cgi?id=32647	x_refsource_CONFIRM
	http://trac.webkit.org/changeset/52401	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14482	vdb-entry, signature, x_refsource_OVAL

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "1023506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=30660"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://flock.com/security/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.webkit.org/show_bug.cgi?id=32647"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.webkit.org/changeset/52401"
          },
          {
            "name": "oval:org.mitre.oval:def:14482",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14482"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome before 4.0.249.78, allows remote attackers to bypass the Same Origin Policy via vectors involving the window.open method."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "name": "1023506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=30660"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://flock.com/security/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.webkit.org/show_bug.cgi?id=32647"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.webkit.org/changeset/52401"
        },
        {
          "name": "oval:org.mitre.oval:def:14482",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14482"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0661",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome before 4.0.249.78, allows remote attackers to bypass the Same Origin Policy via vectors involving the window.open method."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "1023506",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023506"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=30660",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=30660"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "http://flock.com/security/",
              "refsource": "CONFIRM",
              "url": "http://flock.com/security/"
            },
            {
              "name": "https://bugs.webkit.org/show_bug.cgi?id=32647",
              "refsource": "CONFIRM",
              "url": "https://bugs.webkit.org/show_bug.cgi?id=32647"
            },
            {
              "name": "http://trac.webkit.org/changeset/52401",
              "refsource": "CONFIRM",
              "url": "http://trac.webkit.org/changeset/52401"
            },
            {
              "name": "oval:org.mitre.oval:def:14482",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14482"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0661",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0662 (GCVE-0-2010-0662)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not use the correct variables in calculations designed to prevent integer overflows, which allows attackers to leverage renderer access to cause a denial of service or possibly have unspecified other impact via bitmap data, related to deserialization.

References

URL

Tags

	http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	x_refsource_CONFIRM
	http://securitytracker.com/id?1023506	vdb-entry, x_refsource_SECTRACK
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/56627	vdb-entry, x_refsource_XF
	http://code.google.com/p/chromium/issues/detail?id=31307	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14457	vdb-entry, signature, x_refsource_OVAL

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.330Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
          },
          {
            "name": "1023506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "name": "googlechrome-paramtraits-dos(56627)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56627"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=31307"
          },
          {
            "name": "oval:org.mitre.oval:def:14457",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14457"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ParamTraits\u003cSkBitmap\u003e::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not use the correct variables in calculations designed to prevent integer overflows, which allows attackers to leverage renderer access to cause a denial of service or possibly have unspecified other impact via bitmap data, related to deserialization."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
        },
        {
          "name": "1023506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "name": "googlechrome-paramtraits-dos(56627)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56627"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=31307"
        },
        {
          "name": "oval:org.mitre.oval:def:14457",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14457"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0662",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ParamTraits\u003cSkBitmap\u003e::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not use the correct variables in calculations designed to prevent integer overflows, which allows attackers to leverage renderer access to cause a denial of service or possibly have unspecified other impact via bitmap data, related to deserialization."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
            },
            {
              "name": "1023506",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023506"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "googlechrome-paramtraits-dos(56627)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56627"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=31307",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=31307"
            },
            {
              "name": "oval:org.mitre.oval:def:14457",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14457"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0662",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.330Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0648 (GCVE-0-2010-0648)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element.

References

URL

Tags

	http://code.google.com/p/chromium/issues/detail?id=32309	x_refsource_MISC
	http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html	x_refsource_MISC
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12665	vdb-entry, signature, x_refsource_OVAL
	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html	vendor-advisory, x_refsource_FEDORA
	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html	vendor-advisory, x_refsource_FEDORA
	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html	vendor-advisory, x_refsource_FEDORA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.218Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=32309"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html"
          },
          {
            "name": "oval:org.mitre.oval:def:12665",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12665"
          },
          {
            "name": "FEDORA-2010-8360",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html"
          },
          {
            "name": "FEDORA-2010-8379",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html"
          },
          {
            "name": "FEDORA-2010-8423",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect\u0027s target URL, for the session of a specific user of a web site, by placing the site\u0027s URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=32309"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html"
        },
        {
          "name": "oval:org.mitre.oval:def:12665",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12665"
        },
        {
          "name": "FEDORA-2010-8360",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html"
        },
        {
          "name": "FEDORA-2010-8379",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html"
        },
        {
          "name": "FEDORA-2010-8423",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0648",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect\u0027s target URL, for the session of a specific user of a web site, by placing the site\u0027s URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=32309",
              "refsource": "MISC",
              "url": "http://code.google.com/p/chromium/issues/detail?id=32309"
            },
            {
              "name": "http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html",
              "refsource": "MISC",
              "url": "http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html"
            },
            {
              "name": "oval:org.mitre.oval:def:12665",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12665"
            },
            {
              "name": "FEDORA-2010-8360",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html"
            },
            {
              "name": "FEDORA-2010-8379",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html"
            },
            {
              "name": "FEDORA-2010-8423",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0648",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.218Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0645 (GCVE-0-2010-0645)

Vulnerability from cvelistv5

Published

2010-02-18 17:19

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilities/56213	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/38177	vdb-entry, x_refsource_BID
	http://code.google.com/p/v8/source/detail?r=3560	x_refsource_CONFIRM
	http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	x_refsource_CONFIRM
	http://securitytracker.com/id?1023583	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2010/0361	vdb-entry, x_refsource_VUPEN
	http://code.google.com/p/chromium/issues/detail?id=31009	x_refsource_CONFIRM
	http://www.osvdb.org/62316	vdb-entry, x_refsource_OSVDB
	http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14508	vdb-entry, signature, x_refsource_OVAL
	http://codereview.chromium.org/525064	x_refsource_CONFIRM
	http://secunia.com/advisories/38545	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:37.909Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "googlechrome-v8engine-code-exec(56213)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56213"
          },
          {
            "name": "38177",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38177"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/v8/source/detail?r=3560"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
          },
          {
            "name": "1023583",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023583"
          },
          {
            "name": "ADV-2010-0361",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0361"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=31009"
          },
          {
            "name": "62316",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/62316"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
          },
          {
            "name": "oval:org.mitre.oval:def:14508",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14508"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://codereview.chromium.org/525064"
          },
          {
            "name": "38545",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38545"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "googlechrome-v8engine-code-exec(56213)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56213"
        },
        {
          "name": "38177",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38177"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/v8/source/detail?r=3560"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
        },
        {
          "name": "1023583",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023583"
        },
        {
          "name": "ADV-2010-0361",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0361"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=31009"
        },
        {
          "name": "62316",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/62316"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
        },
        {
          "name": "oval:org.mitre.oval:def:14508",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14508"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://codereview.chromium.org/525064"
        },
        {
          "name": "38545",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38545"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0645",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "googlechrome-v8engine-code-exec(56213)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56213"
            },
            {
              "name": "38177",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38177"
            },
            {
              "name": "http://code.google.com/p/v8/source/detail?r=3560",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/v8/source/detail?r=3560"
            },
            {
              "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
              "refsource": "CONFIRM",
              "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
            },
            {
              "name": "1023583",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023583"
            },
            {
              "name": "ADV-2010-0361",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0361"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=31009",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=31009"
            },
            {
              "name": "62316",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/62316"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
            },
            {
              "name": "oval:org.mitre.oval:def:14508",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14508"
            },
            {
              "name": "http://codereview.chromium.org/525064",
              "refsource": "CONFIRM",
              "url": "http://codereview.chromium.org/525064"
            },
            {
              "name": "38545",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38545"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0645",
    "datePublished": "2010-02-18T17:19:00",
    "dateReserved": "2010-02-18T00:00:00",
    "dateUpdated": "2024-08-07T00:59:37.909Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2010-AVI-077

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature

Action not permitted

CERTA-2010-AVI-077

Vulnerability from certfr_avis

Description

Solution

CVE-2010-0663 (GCVE-0-2010-0663)

Vulnerability from cvelistv5

CVE-2010-0650 (GCVE-0-2010-0650)

Vulnerability from cvelistv5

CVE-2010-0656 (GCVE-0-2010-0656)

Vulnerability from cvelistv5

CVE-2010-0644 (GCVE-0-2010-0644)

Vulnerability from cvelistv5

CVE-2010-0646 (GCVE-0-2010-0646)

Vulnerability from cvelistv5

CVE-2010-0655 (GCVE-0-2010-0655)

Vulnerability from cvelistv5

CVE-2010-0649 (GCVE-0-2010-0649)

Vulnerability from cvelistv5

CVE-2010-0657 (GCVE-0-2010-0657)

Vulnerability from cvelistv5

CVE-2010-0660 (GCVE-0-2010-0660)

Vulnerability from cvelistv5

CVE-2010-0658 (GCVE-0-2010-0658)

Vulnerability from cvelistv5

CVE-2010-0651 (GCVE-0-2010-0651)

Vulnerability from cvelistv5

CVE-2010-0659 (GCVE-0-2010-0659)

Vulnerability from cvelistv5

CVE-2010-0647 (GCVE-0-2010-0647)

Vulnerability from cvelistv5

CVE-2010-0661 (GCVE-0-2010-0661)

Vulnerability from cvelistv5

CVE-2010-0662 (GCVE-0-2010-0662)

Vulnerability from cvelistv5

CVE-2010-0648 (GCVE-0-2010-0648)

Vulnerability from cvelistv5

CVE-2010-0645 (GCVE-0-2010-0645)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature