Vulnerability Name:
CVE-2009-1442 (CCN-50365)
Assigned:
2009-05-05
Published:
2009-05-05
Updated:
2009-05-19
Summary:
Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and possibly Android, might allow remote attackers to execute arbitrary code in the renderer process via a crafted (1) image or (2) canvas.
CVSS v3 Severity:
7.3 High
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
Low
Integrity (I):
Low
Availibility (A):
Low
CVSS v2 Severity:
6.8 Medium
(CVSS v2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
)
5.0 Medium
(Temporal CVSS v2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Medium
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
6.8 Medium
(CCN CVSS v2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
)
5.0 Medium
(CCN Temporal CVSS v2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Medium
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
Vulnerability Type:
CWE-189
Vulnerability Consequences:
Gain Access
References:
Source: CONFIRM
Type: Exploit
http://code.google.com/p/chromium/issues/detail?id=10736
Source: CONFIRM
Type: UNKNOWN
http://code.google.com/p/skia/source/detail?r=159
Source: MITRE
Type: CNA
CVE-2009-1442
Source: CCN
Type: Google Chrome Releases Blog
Stable Update: Security Fix
Source: CONFIRM
Type: Patch, Vendor Advisory
http://googlechromereleases.blogspot.com/2009/05/stable-update-security-fix.html
Source: OSVDB
Type: UNKNOWN
54248
Source: CCN
Type: SA35014
Google Chrome Skia 2D Integer Overflow Vulnerabilities
Source: SECUNIA
Type: UNKNOWN
35014
Source: CCN
Type: SECTRACK ID: 1022175
Google Chrome Integer Overflow in Skia 2D Graphics Lets Remote Users Execute Arbitrary Code Within the Sandboxed Browser Tab
Source: CCN
Type: Google Chrome Web site
Google Chrome
Source: CCN
Type: OSVDB ID: 54248
Google Chrome Skia 2D Graphics Component Image Size Handling Overflow
Source: BID
Type: UNKNOWN
34859
Source: CCN
Type: BID-34859
Google Chrome Multiple Security Vulnerabilities
Source: SECTRACK
Type: UNKNOWN
1022175
Source: VUPEN
Type: UNKNOWN
ADV-2009-1266
Source: XF
Type: UNKNOWN
chrome-skmaskcomputeImagesize-bo(50365)
Vulnerable Configuration:
Configuration 1
:
cpe:/a:google:chrome:0.2.149.29:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.2.149.30:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.2.152.1:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.2.153.1:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.3.154.0:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.3.154.3:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.4.154.18:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.4.154.22:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.4.154.31:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.4.154.33:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:1.0.154.36:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:1.0.154.39:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:1.0.154.42:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:1.0.154.43:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:1.0.154.46:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:*:*:*:*:*:*:*:*
(Version <= 1.0.154.53)
OR
cpe:/a:google:chrome:1.0.154.59:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:2.0.156.1:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:2.0.157.0:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:2.0.157.2:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:2.0.158.0:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:2.0.159.0:*:*:*:*:*:*:*
Configuration CCN 1
:
cpe:/a:google:chrome:0.2.149.27:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.2.149.29:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.2.149.30:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:1.0.154.36:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:1.0.154.43:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:1.0.154.42:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:1.0.154.39:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.4.154.33:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.4.154.31:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.4.154.22:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.4.154.18:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.3.154.3:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.3.154.0:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.2.153.1:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:0.2.152.1:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:1.0.154.55:*:*:*:*:*:*:*
OR
cpe:/a:google:chrome:1.0.154.53:*:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
google
chrome 0.2.149.29
google
chrome 0.2.149.30
google
chrome 0.2.152.1
google
chrome 0.2.153.1
google
chrome 0.3.154.0
google
chrome 0.3.154.3
google
chrome 0.4.154.18
google
chrome 0.4.154.22
google
chrome 0.4.154.31
google
chrome 0.4.154.33
google
chrome 1.0.154.36
google
chrome 1.0.154.39
google
chrome 1.0.154.42
google
chrome 1.0.154.43
google
chrome 1.0.154.46
google
chrome *
google
chrome 1.0.154.59
google
chrome 2.0.156.1
google
chrome 2.0.157.0
google
chrome 2.0.157.2
google
chrome 2.0.158.0
google
chrome 2.0.159.0
google
chrome 0.2.149.27
google
chrome 0.2.149.29
google
chrome 0.2.149.30
google
chrome 1.0.154.36
google
chrome 1.0.154.43
google
chrome 1.0.154.42
google
chrome 1.0.154.39
google
chrome 0.4.154.33
google
chrome 0.4.154.31
google
chrome 0.4.154.22
google
chrome 0.4.154.18
google
chrome 0.3.154.3
google
chrome 0.3.154.0
google
chrome 0.2.153.1
google
chrome 0.2.152.1
google
chrome 1.0.154.55
google
chrome 1.0.154.53