[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-2935Date: (C)2009-08-27   (M)2024-02-09


Google V8, as used in Google Chrome before 2.0.172.43, allows remote attackers to bypass intended restrictions on reading memory, and possibly obtain sensitive information or execute arbitrary code in the Chrome sandbox, via crafted JavaScript.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1022773
BID-36149
SECUNIA-36417
OSVDB-57421
ADV-2009-2420
google-chrome-v8-security-bypass(52902)
http://code.google.com/p/chromium/issues/detail?id=18639
http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html

CPE    30
cpe:/a:google:chrome:0.2.149.30
cpe:/a:google:chrome:1.0.154.39
cpe:/a:google:chrome:1.0.154.59
cpe:/a:google:chrome:1.0.154.36
...
CWE    1
CWE-264
OVAL    6
oval:org.secpod.oval:def:33091
oval:org.secpod.oval:def:33084
oval:org.secpod.oval:def:36805
oval:org.secpod.oval:def:36804
...

© SecPod Technologies