cpe:/a:google:chrome:0.2.149.29 cpe:/a:google:chrome:0.2.149.30 cpe:/a:google:chrome:0.2.152.1 cpe:/a:google:chrome:0.2.153.1 cpe:/a:google:chrome:0.3.154.0 cpe:/a:google:chrome:0.3.154.3 cpe:/a:google:chrome:0.4.154.18 cpe:/a:google:chrome:0.4.154.22 cpe:/a:google:chrome:0.4.154.31 cpe:/a:google:chrome:0.4.154.33 cpe:/a:google:chrome:1.0.154.36 cpe:/a:google:chrome:1.0.154.39 cpe:/a:google:chrome:1.0.154.42 cpe:/a:google:chrome:1.0.154.43 cpe:/a:google:chrome:1.0.154.46 cpe:/a:google:chrome:1.0.154.53 cpe:/a:google:chrome:1.0.154.59 cpe:/a:google:chrome:2.0.156.1 cpe:/a:google:chrome:2.0.157.0 cpe:/a:google:chrome:2.0.157.2 cpe:/a:google:chrome:2.0.158.0 cpe:/a:google:chrome:2.0.159.0 CVE-2009-1442 2009-05-07T13:30:04.797-04:00 2009-05-19T01:35:05.593-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-05-07T14:19:00.000-04:00 SECTRACK 1022175 BID 34859 SECUNIA 35014 OSVDB 54248 VUPEN ADV-2009-1266 CONFIRM http://code.google.com/p/chromium/issues/detail?id=10736 CONFIRM http://code.google.com/p/skia/source/detail?r=159 CONFIRM http://googlechromereleases.blogspot.com/2009/05/stable-update-security-fix.html Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and possibly Android, might allow remote attackers to execute arbitrary code in the renderer process via a crafted (1) image or (2) canvas.