Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2010-0659

CVE information

Published

12 years ago

Last Modified

4 years ago

CVSSv2.0 Severity

High

Impact Analysis

Description

The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed GIF file that specifies a large size..

CVSSv2.0 Score

Severity
High
Base Score
9.3/10
Exploit Score
8.6/10
Access Vector
Network
Access Complexity
Medium
Authentication Required
None
Impact Score
10/10
Confidentiality Impact
Complete
Availability Impact
Complete
Integrity Impact
Complete

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.172.8:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:3.0.182.2:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.172.38:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:3.0.195.24:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.157.0:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.172.33:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.169.1:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.157.2:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:1.0.154.52:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:3.0.195.33:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.172.27:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:1.0.154.65:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:1.0.154.53:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.170.0:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:3.0.190.2:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.172.28:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:3.0.193.2:beta:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.172.31:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.172:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:3.0.195.32:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:1.0.154.48:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:3.0.195.21:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.159.0:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.169.0:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.172.37:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:4.0.244.0:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.172.2:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.156.1:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.172.30:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:google:chrome:2.0.158.0:*:*:*:*:*:*:*
  Yes
-