9.3

CVE-2010-3258

Exploit
The sandbox implementation in Google Chrome before 6.0.472.53 does not properly deserialize parameters, which has unspecified impact and remote attack vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 6.0.472.53
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.92% 0.559
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-502 Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html
Vendor Advisory
http://code.google.com/p/chromium/issues/detail?id=52682
Patch
Vendor Advisory
Exploit
Issue Tracking
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12133
Third Party Advisory