CVE-2010-0659

Опубликовано: 18 фев. 2010

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed GIF file that specifies a large size.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*

Версия до r53524 (включая)

Одно из

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 4.0.249.78 (включая)

cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.48:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.52:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.53:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.65:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.156.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.157.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.157.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.158.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.159.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.169.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.169.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.170.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.8:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.27:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.28:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.30:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.31:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.37:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.38:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.182.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.190.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.193.2:beta:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.21:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.24:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.32:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.244.0:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.06977

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-399

Связанные уязвимости

CVE-2010-0659

ubuntu

почти 16 лет назад

CVE-2010-0659

debian

почти 16 лет назад

The image decoder in WebKit before r52833, as used in Google Chrome be ...

GHSA-wf8r-7846-mgqj

github

больше 3 лет назад

EPSS

Процентиль: 91%

0.06977

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-399