CVE-2009-1442

Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and possibly Android, might allow remote attackers to execute arbitrary code in the renderer process via a crafted (1) image or (2) canvas.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://code.google.com/p/chromium/issues/detail?id=10736	Exploit
http://googlechromereleases.blogspot.com/2009/05/stable-update-security-fix.html	Patch Vendor Advisory
http://code.google.com/p/skia/source/detail?r=159
http://www.securitytracker.com/id?1022175
http://secunia.com/advisories/35014
http://osvdb.org/54248
http://www.vupen.com/english/advisories/2009/1266
http://www.securityfocus.com/bid/34859

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:google:chrome:0.3.154.0:::::::*
	cpe:2.3:a:google:chrome:0.2.152.1:::::::*
	cpe:2.3:a:google:chrome:1.0.154.59:::::::*
	cpe:2.3:a:google:chrome::::::::
	cpe:2.3:a:google:chrome:0.3.154.3:::::::*
	cpe:2.3:a:google:chrome:0.2.149.29:::::::*
	cpe:2.3:a:google:chrome:1.0.154.39:::::::*
	cpe:2.3:a:google:chrome:1.0.154.42:::::::*
	cpe:2.3:a:google:chrome:2.0.157.2:::::::*
	cpe:2.3:a:google:chrome:2.0.158.0:::::::*
	cpe:2.3:a:google:chrome:0.4.154.18:::::::*
	cpe:2.3:a:google:chrome:0.2.149.30:::::::*
	cpe:2.3:a:google:chrome:0.4.154.31:::::::*
	cpe:2.3:a:google:chrome:0.4.154.33:::::::*
	cpe:2.3:a:google:chrome:1.0.154.43:::::::*
	cpe:2.3:a:google:chrome:2.0.157.0:::::::*
	cpe:2.3:a:google:chrome:0.2.153.1:::::::*
	cpe:2.3:a:google:chrome:1.0.154.36:::::::*
	cpe:2.3:a:google:chrome:2.0.156.1:::::::*
	cpe:2.3:a:google:chrome:1.0.154.46:::::::*
	cpe:2.3:a:google:chrome:0.4.154.22:::::::*
	cpe:2.3:a:google:chrome:2.0.159.0:::::::*

Information

Published : 2009-05-07 10:30

Updated : 2009-05-18 22:35

NVD link : CVE-2009-1442

Mitre link : CVE-2009-1442

JSON object : View

CWE

CWE-189

Numeric Errors

Advertisement

Products Affected

google

chrome

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://code.google.com/p/chromium/issues/detail?id=10736", "name": "http://code.google.com/p/chromium/issues/detail?id=10736", "tags": ["Exploit"], "refsource": "CONFIRM"}, {"url": "http://googlechromereleases.blogspot.com/2009/05/stable-update-security-fix.html", "name": "http://googlechromereleases.blogspot.com/2009/05/stable-update-security-fix.html", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://code.google.com/p/skia/source/detail?r=159", "name": "http://code.google.com/p/skia/source/detail?r=159", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securitytracker.com/id?1022175", "name": "1022175", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/35014", "name": "35014", "tags": [], "refsource": "SECUNIA"}, {"url": "http://osvdb.org/54248", "name": "54248", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2009/1266", "name": "ADV-2009-1266", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.securityfocus.com/bid/34859", "name": "34859", "tags": [], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and possibly Android, might allow remote attackers to execute arbitrary code in the renderer process via a crafted (1) image or (2) canvas."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-189"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2009-1442", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2009-05-07T17:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.0.154.53"}, {"cpe23Uri": "cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:2.0.157.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:2.0.158.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:2.0.157.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:2.0.156.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:google:chrome:2.0.159.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2009-05-19T05:35Z"}