10

CVE-2010-1233

Exploit
Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving WebKit JavaScript objects.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 4.1.249.1036
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.57% 0.831
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
Broken Link
http://secunia.com/advisories/43068
Broken Link
http://www.vupen.com/english/advisories/2011/0212
Broken Link
http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html
Vendor Advisory
http://code.google.com/p/chromium/issues/detail?id=35724
Exploit
Permissions Required
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14023
Broken Link