CVE-2009-1442 Information

Description

Multiple integer overflows in Skia as used in Google Chrome 1.x before 1.0.154.64 and 2.x and possibly Android might allow remote attackers to execute arbitrary code in the renderer process via a crafted (1) image or (2) canvas.

Reference

http://code.google.com/p/chromium/issues/detail?id=10736 http://code.google.com/p/skia/source/detail?r=159 http://googlechromereleases.blogspot.com/2009/05/stable-update-security-fix.html http://osvdb.org/54248 http://secunia.com/advisories/35014 http://www.securityfocus.com/bid/34859 http://www.securitytracker.com/id?1022175 http://www.vupen.com/english/advisories/2009/1266