Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2010-0649

Published

13 years ago

Last Modified

5 years ago

CVSSv2.0 Severity

High

Impact Analysis

Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages..

CVSSv2.0 Score

Severity: High
Base Score: 9.3/10
Exploit Score: 8.6/10
Access Vector: Network
Access Complexity: Medium
Authentication Required: None
Impact Score: 10/10
Confidentiality Impact: Complete
Availability Impact: Complete
Integrity Impact: Complete

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:google:chrome:2.0.172.8:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:0.3.154.3:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:3.0.182.2:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:0.2.149.30:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:0.4.154.31:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:1.0.154.39:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.172.38:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:1.0.154.59:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:0.2.149.27:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:1.0.154.53:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:0.4.154.33:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.170.0:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:1.0.154.43:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:1.0.154.42:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.169.1:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.172.33:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:3.0.195.24:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:3.0.195.33:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:1.0.154.52:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.172.27:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:1.0.154.65:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.157.2:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:0.4.154.18:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:0.2.149.29:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.157.0:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:0.2.152.1:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:0.3.154.0:::::::*	Yes	-	-
cpe:2.3:a:google:chrome::::::::	Yes	-	-
cpe:2.3:a:google:chrome:0.2.153.1:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.172.2:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:3.0.195.21:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.169.0:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:1.0.154.36:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.172:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.172.30:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:3.0.193.2:beta::::::	Yes	-	-
cpe:2.3:a:google:chrome:2.0.156.1:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:3.0.195.32:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:1.0.154.46:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:3.0.190.2:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:0.4.154.22:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.159.0:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.158.0:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.172.28:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.172.31:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:1.0.154.48:::::::*	Yes	-	-
cpe:2.3:a:google:chrome:2.0.172.37:::::::*	Yes	-	-

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2010-0649

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

CVSSv2.0 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2010-0649

CVE information

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

Products Affected

References