CVE-2010-0646 Information
Description
Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.
Reference
http://code.google.com/p/chromium/issues/detail?id=31009
http://code.google.com/p/v8/source/detail?r=3560
http://codereview.chromium.org/525064
http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html
http://secunia.com/advisories/38545
http://securitytracker.com/id?1023583
http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs
http://www.osvdb.org/62316
http://www.securityfocus.com/bid/38177
http://www.vupen.com/english/advisories/2010/0361
https://exchange.xforce.ibmcloud.com/vulnerabilities/56213
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14222