Detections
Analytics

CVE-2010-0645

high

Description

Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14508

https://exchange.xforce.ibmcloud.com/vulnerabilities/56213

http://www.vupen.com/english/advisories/2010/0361

http://www.securityfocus.com/bid/38177

http://www.osvdb.org/62316

http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs

http://securitytracker.com/id?1023583

http://secunia.com/advisories/38545

http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html

http://codereview.chromium.org/525064

http://code.google.com/p/v8/source/detail?r=3560

http://code.google.com/p/chromium/issues/detail?id=31009

Details

Source: Mitre, NVD

Published: 2010-02-18

Updated: 2017-09-19

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High