Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and possibly Android, might allow remote attackers to execute arbitrary code in the renderer process via a crafted (1) image or (2) canvas.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:02
Type | Values Removed | Values Added |
---|---|---|
References | () http://code.google.com/p/chromium/issues/detail?id=10736 - Exploit | |
References | () http://code.google.com/p/skia/source/detail?r=159 - | |
References | () http://googlechromereleases.blogspot.com/2009/05/stable-update-security-fix.html - Patch, Vendor Advisory | |
References | () http://osvdb.org/54248 - | |
References | () http://secunia.com/advisories/35014 - | |
References | () http://www.securityfocus.com/bid/34859 - | |
References | () http://www.securitytracker.com/id?1022175 - | |
References | () http://www.vupen.com/english/advisories/2009/1266 - |
Information
Published : 2009-05-07 17:30
Updated : 2024-11-21 01:02
NVD link : CVE-2009-1442
Mitre link : CVE-2009-1442
CVE.ORG link : CVE-2009-1442
JSON object : View
Products Affected
- chrome
CWE
CWE-189
Numeric Errors