6.8
CVE-2009-1442
- EPSS 2.39%
- Veröffentlicht 07.05.2009 17:30:04
- Zuletzt bearbeitet 16.06.2026 23:07:17
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and possibly Android, might allow remote attackers to execute arbitrary code in the renderer process via a crafted (1) image or (2) canvas.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.39% | 0.818 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://googlechromereleases.blogspot.com/2009/05/stable-update-security-fix.html
http://secunia.com/advisories/35014
http://www.securityfocus.com/bid/34859
http://www.vupen.com/english/advisories/2009/1266
http://code.google.com/p/chromium/issues/detail?id=10736
http://code.google.com/p/skia/source/detail?r=159
http://osvdb.org/54248
http://www.securitytracker.com/id?1022175