CyberSec.Space Logo
CVEブラウザに戻る

CVE-2010-0646

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1830%
EPSS Percentile33.06th
Published2010年2月18日
Last Modified2026年4月29日

Vulnerability Description

Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.

Affected Platforms (CPE)

📦
Google

Chrome

<= 4.0.249.78
📦
Google

Chrome

= 0.2.149.27
📦
Google

Chrome

= 0.2.149.29
📦
Google

Chrome

= 0.2.149.30
📦
Google

Chrome

= 0.2.152.1
📦
Google

Chrome

= 0.2.153.1
📦
Google

Chrome

= 0.3.154.0
📦
Google

Chrome

= 0.3.154.3
📦
Google

Chrome

= 0.4.154.18
📦
Google

Chrome

= 0.4.154.22
📦
Google

Chrome

= 0.4.154.31
📦
Google

Chrome

= 0.4.154.33
📦
Google

Chrome

= 1.0.154.36
📦
Google

Chrome

= 1.0.154.39
📦
Google

Chrome

= 1.0.154.42
📦
Google

Chrome

= 1.0.154.43
📦
Google

Chrome

= 1.0.154.46
📦
Google

Chrome

= 1.0.154.48
📦
Google

Chrome

= 1.0.154.52
📦
Google

Chrome

= 1.0.154.53
📦
Google

Chrome

= 1.0.154.59
📦
Google

Chrome

= 1.0.154.65
📦
Google

Chrome

= 2.0.156.1
📦
Google

Chrome

= 2.0.157.0
📦
Google

Chrome

= 2.0.157.2
📦
Google

Chrome

= 2.0.158.0
📦
Google

Chrome

= 2.0.159.0
📦
Google

Chrome

= 2.0.169.0
📦
Google

Chrome

= 2.0.169.1
📦
Google

Chrome

= 2.0.170.0
📦
Google

Chrome

= 2.0.172
📦
Google

Chrome

= 2.0.172.2
📦
Google

Chrome

= 2.0.172.8
📦
Google

Chrome

= 2.0.172.27
📦
Google

Chrome

= 2.0.172.28
📦
Google

Chrome

= 2.0.172.30
📦
Google

Chrome

= 2.0.172.31
📦
Google

Chrome

= 2.0.172.33
📦
Google

Chrome

= 2.0.172.37
📦
Google

Chrome

= 2.0.172.38
📦
Google

Chrome

= 3.0.182.2
📦
Google

Chrome

= 3.0.190.2
📦
Google

Chrome

= 3.0.193.2
📦
Google

Chrome

= 3.0.195.21
📦
Google

Chrome

= 3.0.195.24
📦
Google

Chrome

= 3.0.195.32
📦
Google

Chrome

= 3.0.195.33
📦
Google

Chrome

= 4.0.244.0
📦
Google

Chrome

= 4.0.249.78

References & Advisories

🔗 http://code.google.com/p/chromium/issues/detail?id=31009
🔗 http://code.google.com/p/v8/source/detail?r=3560
🔗 http://codereview.chromium.org/525064
🔗 http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html
🔗 http://secunia.com/advisories/38545
🔗 http://securitytracker.com/id?1023583
🔗 http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs
🔗 http://www.osvdb.org/62316

関連する脆弱性情報

CVE-2004-076410.0

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "c...

CVE-2009-247110.0

The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers...

CVE-2021-3397010.0

Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate priveleges.

CVE-2009-266510.0

The nsDocument::SetScriptGlobalObject function in content/base/src/nsDocument.cpp in Mozilla Firefox 3.5.x before 3.5.2, when cert...