CVE-2010-0662

EPSS 0.49%
Veröffentlicht 18.02.2010 18:00:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not use the correct variables in calculations designed to prevent integer overflows, which allows attackers to leverage renderer access to cause a denial of service or possibly have unspecified other impact via bitmap data, related to deserialization.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Google ≫ Chrome Version <= 4.0.249.0

Google ≫ Chrome Version0.2.149.27

Google ≫ Chrome Version0.2.149.29

Google ≫ Chrome Version0.2.149.30

Google ≫ Chrome Version0.2.152.1

Google ≫ Chrome Version0.2.153.1

Google ≫ Chrome Version0.3.154.0

Google ≫ Chrome Version0.3.154.3

Google ≫ Chrome Version0.4.154.18

Google ≫ Chrome Version0.4.154.22

Google ≫ Chrome Version0.4.154.31

Google ≫ Chrome Version0.4.154.33

Google ≫ Chrome Version1.0.154.36

Google ≫ Chrome Version1.0.154.39

Google ≫ Chrome Version1.0.154.42

Google ≫ Chrome Version1.0.154.43

Google ≫ Chrome Version1.0.154.46

Google ≫ Chrome Version1.0.154.48

Google ≫ Chrome Version1.0.154.52

Google ≫ Chrome Version1.0.154.53

Google ≫ Chrome Version1.0.154.59

Google ≫ Chrome Version1.0.154.65

Google ≫ Chrome Version2.0.156.1

Google ≫ Chrome Version2.0.157.0

Google ≫ Chrome Version2.0.157.2

Google ≫ Chrome Version2.0.158.0

Google ≫ Chrome Version2.0.159.0

Google ≫ Chrome Version2.0.169.0

Google ≫ Chrome Version2.0.169.1

Google ≫ Chrome Version2.0.170.0

Google ≫ Chrome Version2.0.172

Google ≫ Chrome Version2.0.172.2

Google ≫ Chrome Version2.0.172.8

Google ≫ Chrome Version2.0.172.27

Google ≫ Chrome Version2.0.172.28

Google ≫ Chrome Version2.0.172.30

Google ≫ Chrome Version2.0.172.31

Google ≫ Chrome Version2.0.172.33

Google ≫ Chrome Version2.0.172.37

Google ≫ Chrome Version2.0.172.38

Google ≫ Chrome Version3.0.182.2

Google ≫ Chrome Version3.0.190.2

Google ≫ Chrome Version3.0.193.2 Updatebeta

Google ≫ Chrome Version3.0.195.21

Google ≫ Chrome Version3.0.195.24

Google ≫ Chrome Version3.0.195.32

Google ≫ Chrome Version3.0.195.33

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.49%	0.626

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs

Vendor Advisory

http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html

Patch

http://securitytracker.com/id?1023506

http://code.google.com/p/chromium/issues/detail?id=31307

https://exchange.xforce.ibmcloud.com/vulnerabilities/56627

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14457

https://nvd.nist.gov/vuln/detail/CVE-2010-0662

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-0662

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-0662

EUVD