CVE-2010-0649

2010-02-18 19:00:00 2017-09-19 03:30:27

Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Google - Chrome

Advisory	Patch	Confirmed	Link
			googlechrome-sandbox-code-exec(56217)
			ADV-2010-0361
			http://sites.google.com/a/chromium.org/dev/Home/chromium...
			http://googlechromereleases.blogspot.com/2010/02/stable-...
			38177
			1023583
			http://code.google.com/p/chromium/issues/detail?id=32915

CVE-2010-0649

2010-02-18 19:00:00 2017-09-19 03:30:27

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)