CVE-2009-2935

high

Description

Google V8, as used in Google Chrome before 2.0.172.43, allows remote attackers to bypass intended restrictions on reading memory, and possibly obtain sensitive information or execute arbitrary code in the Chrome sandbox, via crafted JavaScript.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/52902

http://www.vupen.com/english/advisories/2009/2420

http://www.securitytracker.com/id?1022773

http://www.securityfocus.com/bid/36149

http://secunia.com/advisories/36417

http://osvdb.org/57421

http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html

http://code.google.com/p/chromium/issues/detail?id=18639

Details

Source: Mitre, NVD

Published: 2009-08-27

Updated: 2017-08-17

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics