10
CVE-2010-0646
- EPSS 4.53%
- Veröffentlicht 18.02.2010 18:00:00
- Zuletzt bearbeitet 16.06.2026 23:16:34
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.53% | 0.903 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html
http://secunia.com/advisories/38545
http://securitytracker.com/id?1023583
http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs
http://www.securityfocus.com/bid/38177
http://www.vupen.com/english/advisories/2010/0361
http://code.google.com/p/chromium/issues/detail?id=31009
http://code.google.com/p/v8/source/detail?r=3560
http://codereview.chromium.org/525064
http://www.osvdb.org/62316
https://exchange.xforce.ibmcloud.com/vulnerabilities/56213
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14222