Vulnerability CVE-2010-0646

Vulnerability Name:

CVE-2010-0646 (CCN-56213)

Assigned:

2010-02-10

Published:

2010-02-10

Updated:

2017-09-19

Summary:

Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-189

Vulnerability Consequences:

Gain Access

References:

Source: CONFIRM
Type: Exploit
http://code.google.com/p/chromium/issues/detail?id=31009

Source: CONFIRM
Type: UNKNOWN
http://code.google.com/p/v8/source/detail?r=3560

Source: CONFIRM
Type: Patch
http://codereview.chromium.org/525064

Source: MITRE
Type: CNA
CVE-2010-0645

Source: MITRE
Type: CNA
CVE-2010-0646

Source: CCN
Type: Google Chrome Releases
Stable Channel Update

Source: CONFIRM
Type: UNKNOWN
http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html

Source: CCN
Type: SA38545
Google Chrome Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
38545

Source: CCN
Type: SECTRACK ID: 1023583
Google Chrome Bugs Let Remote Users Execute Arbitrary Code and Obtain Information

Source: SECTRACK
Type: UNKNOWN
1023583

Source: CONFIRM
Type: Vendor Advisory
http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs

Source: CCN
Type: Google Web site
Google Chrome Frame-Bring open web technologies to your browser

Source: OSVDB
Type: UNKNOWN
62316

Source: CCN
Type: OSVDB ID: 62316
Google Chrome V8 Engine factory.cc Multiple Overflows

Source: BID
Type: UNKNOWN
38177

Source: CCN
Type: BID-38177
Google Chrome prior to 4.0.249.89 Multiple Security Vulnerabilities

Source: VUPEN
Type: Patch, Vendor Advisory
ADV-2010-0361

Source: XF
Type: UNKNOWN
googlechrome-v8engine-code-exec(56213)

Source: XF
Type: UNKNOWN
googlechrome-v8engine-code-exec(56213)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:14222

Vulnerable Configuration:

Configuration 1:

cpe:/a:google:chrome:0.2.149.27:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.2.149.29:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.2.149.30:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.2.152.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.2.153.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.3.154.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.3.154.3:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.4.154.18:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.4.154.22:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.4.154.31:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.4.154.33:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.36:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.39:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.42:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.43:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.46:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.48:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.52:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.53:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.59:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.65:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.156.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.157.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.157.2:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.158.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.159.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.169.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.169.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.170.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.2:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.8:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.27:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.28:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.30:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.31:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.33:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.37:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.38:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:3.0.182.2:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:3.0.190.2:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:3.0.193.2:beta:*:*:*:*:*:*

OR cpe:/a:google:chrome:3.0.195.21:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:3.0.195.24:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:3.0.195.32:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:3.0.195.33:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:4.0.244.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:*:*:*:*:*:*:*:* (Version <= 4.0.249.78)

OR cpe:/a:google:chrome:4.0.249.78:beta:*:*:*:*:*:*

Configuration CCN 1: