Integer overflow vulnerability in the CrossCallParamsEx::CreateFromBuffer function in Google Chrome (rpm) before 4.0.249.89 via a malformed messageID: oval:org.secpod.oval:def:743 | Date: (C)2011-04-20 (M)2022-10-10 |
Class: VULNERABILITY | Family: unix |
The host is installed with Google Chrome before 4.0.249.89 and is prone to integer overflow vulnerability. A flaw is present in the CrossCallParamsEx::CreateFromBuffer function in the application which does not properly hamdle deserializing of sandbox messages. Successful exploitation allow remote attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact.