Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2010-0649

Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://code.google.com...
CONFIRM: http://googlechromerel...
CONFIRM: http://sites.google.co...
BID: 38177
OSVDB: 62320
SECTRACK: 1023583
SECUNIA: 38545
VUPEN: ADV-2010-0361
XF: googlechrome-sandbox-c...
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2010-0649

Related bugs

References