Lucene search

[email protected]CVE-2009-1442

HistoryMay 07, 2009 - 5:30 p.m.

CVE-2009-1442

2009-05-0717:30:04

CWE-189

[email protected]

web.nvd.nist.gov

cve-2009-1442

skia

google chrome

integer overflows

remote code execution

nvd

security vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.037 Low

EPSS

Percentile

91.8%

JSON

Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and possibly Android, might allow remote attackers to execute arbitrary code in the renderer process via a crafted (1) image or (2) canvas.

Affected configurations

NVD

Node

googlechromeRange≤1.0.154.53

googlechromeMatch0.2.149.29

googlechromeMatch0.2.149.30

googlechromeMatch0.2.152.1

googlechromeMatch0.2.153.1

googlechromeMatch0.3.154.0

googlechromeMatch0.3.154.3

googlechromeMatch0.4.154.18

googlechromeMatch0.4.154.22

googlechromeMatch0.4.154.31

googlechromeMatch0.4.154.33

googlechromeMatch1.0.154.36

googlechromeMatch1.0.154.39

googlechromeMatch1.0.154.42

googlechromeMatch1.0.154.43

googlechromeMatch1.0.154.46

googlechromeMatch1.0.154.59

googlechromeMatch2.0.156.1

googlechromeMatch2.0.157.0

googlechromeMatch2.0.157.2

googlechromeMatch2.0.158.0

googlechromeMatch2.0.159.0

CPENameOperatorVersion
google:chromegoogle chromele1.0.154.53
google:chromegoogle chromeeq0.2.149.29
google:chromegoogle chromeeq0.2.149.30
google:chromegoogle chromeeq0.2.152.1
google:chromegoogle chromeeq0.2.153.1
google:chromegoogle chromeeq0.3.154.0
google:chromegoogle chromeeq0.3.154.3
google:chromegoogle chromeeq0.4.154.18
google:chromegoogle chromeeq0.4.154.22
google:chromegoogle chromeeq0.4.154.31

CPE	Name	Operator	Version
google:chrome	google chrome	le	1.0.154.53
google:chrome	google chrome	eq	0.2.149.29
google:chrome	google chrome	eq	0.2.149.30
google:chrome	google chrome	eq	0.2.152.1
google:chrome	google chrome	eq	0.2.153.1
google:chrome	google chrome	eq	0.3.154.0
google:chrome	google chrome	eq	0.3.154.3
google:chrome	google chrome	eq	0.4.154.18
google:chrome	google chrome	eq	0.4.154.22
google:chrome	google chrome	eq	0.4.154.31