[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

77986

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2009-2555

Date: (C)2009-07-21   (M)2017-09-11
 
CVSS Score: 9.3Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote attackers to execute arbitrary code in the Chrome sandbox via a crafted JavaScript regular expression.

Reference:
BID-35722
SECUNIA-35844
OSVDB-55939
ADV-2009-1924
googlechrome-javascript-bo(51801)
http://code.google.com/p/chromium/issues/detail?id=14719
http://codereview.chromium.org/141042
http://codereview.chromium.org/141042/diff/6/1004
http://googlechromereleases.blogspot.com/2009/07/stable-beta-update-bug-fixes.html

CPE    28
cpe:/a:google:chrome:0.2.149.30
cpe:/a:google:chrome:1.0.154.39
cpe:/a:google:chrome:1.0.154.59
cpe:/a:google:chrome:1.0.154.36
...
CWE    1
CWE-119
OVAL    6
oval:org.secpod.oval:def:36775
oval:org.secpod.oval:def:36774
oval:org.secpod.oval:def:36801
oval:org.secpod.oval:def:36800
...

© 2013 SecPod Technologies