Vulnerability Name: | CVE-2010-2648 (CCN-60047) | ||||||||||||
Assigned: | 2010-07-02 | ||||||||||||
Published: | 2010-07-02 | ||||||||||||
Updated: | 2020-08-07 | ||||||||||||
Summary: | The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||||||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||
CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||
Vulnerability Type: | CWE-119 | ||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||
References: | Source: CONFIRM Type: Issue Tracking, Patch, Vendor Advisory http://code.google.com/p/chromium/issues/detail?id=44424 Source: MITRE Type: CNA CVE-2010-2648 Source: CCN Type: Google Chrome Releases Web site Stable Channel Update Source: CONFIRM Type: Vendor Advisory http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html Source: SUSE Type: Mailing List, Third Party Advisory SUSE-SR:2010:018 Source: CCN Type: SA40479 Google Chrome Multiple Vulnerabilities Source: SECUNIA Type: Third Party Advisory 41856 Source: MANDRIVA Type: Third Party Advisory MDVSA-2011:039 Source: CCN Type: OSVDB ID: 66046 Google Chrome Unicode Bidirectional Algorithm Unspecified Remote DoS Source: CCN Type: BID-41334 Google Chrome prior to 5.0.375.99 Multiple Security Vulnerabilities Source: CCN Type: BID-44217 Google Chrome Bidi Algorithm Memory Corruption Vulnerability Source: UBUNTU Type: Third Party Advisory USN-1006-1 Source: VUPEN Type: Third Party Advisory ADV-2010-2722 Source: VUPEN Type: Third Party Advisory ADV-2011-0552 Source: XF Type: UNKNOWN google-chrome-bidi-code-exec(60047) Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:11900 Source: SUSE Type: SUSE-SR:2010:018 SUSE Security Summary Report | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration 3: Configuration CCN 1: ![]() | ||||||||||||
Oval Definitions | |||||||||||||
| |||||||||||||
BACK |