Lucene search

K
cveMitreCVE-2010-2648
HistoryJul 06, 2010 - 5:17 p.m.

CVE-2010-2648

2010-07-0617:17:14
CWE-119
mitre
web.nvd.nist.gov
36
nvd
cve-2010-2648
google chrome
unicode
bidirectional algorithm
memory corruption
denial of service

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.9

Confidence

High

EPSS

0.017

Percentile

87.8%

The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Affected configurations

Nvd
Node
googlechromeRange<5.0.375.99
Node
opensuseopensuseMatch11.3
Node
canonicalubuntu_linuxMatch9.10
OR
canonicalubuntu_linuxMatch10.04-
OR
canonicalubuntu_linuxMatch10.10
VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
opensuseopensuse11.3cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
canonicalubuntu_linux9.10cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
canonicalubuntu_linux10.04cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
canonicalubuntu_linux10.10cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.9

Confidence

High

EPSS

0.017

Percentile

87.8%