[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99602

 
 

909

 
 

80198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2010-4574

Date: (C)2010-12-21   (M)2017-09-22 


The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 on 64-bit Linux platforms does not properly perform pointer arithmetic, which allows remote attackers to bypass message deserialization validation, and cause a denial of service or possibly have unspecified other impact, via invalid pickle data.

CVSS Score: 7.5Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL





Reference:
SECUNIA-42648
BID-45390
GLSA-201012-01
http://code.google.com/p/chromium/issues/detail?id=56449
http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html
http://src.chromium.org/viewvc/chrome?view=rev&revision=68033

CPE    861
cpe:/o:google:chrome_os:8.0.552.342
cpe:/a:google:chrome:6.0.481.0
cpe:/a:google:chrome:8.0.552.105
cpe:/a:google:chrome:6.0.417.0
...
CWE    1
CWE-189
OVAL    3
oval:org.secpod.oval:def:185
oval:org.secpod.oval:def:164
oval:org.secpod.oval:def:143

© 2013 SecPod Technologies