PRIOn knowledge basePRION:CVE-2009-2935Design/Logic Flaw
7.7 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.054 Low
EPSS
Percentile
93.0%
Google V8, as used in Google Chrome before 2.0.172.43, allows remote attackers to bypass intended restrictions on reading memory, and possibly obtain sensitive information or execute arbitrary code in the Chrome sandbox, via crafted JavaScript.
| CPE | Name | Operator | Version |
|---|---|---|---|
| chrome | eq | 0.3.154.3 | |
| chrome | eq | 0.2.149.30 | |
| chrome | eq | 0.4.154.31 | |
| chrome | eq | 1.0.154.39 | |
| chrome | eq | 1.0.154.59 | |
| chrome | eq | 0.2.149.27 | |
| chrome | eq | 1.0.154.53 | |
| chrome | eq | 0.4.154.33 | |
| chrome | eq | 1.0.154.43 | |
| chrome | eq | 1.0.154.42 |
References
osvdb.org/57421
secunia.com/advisories/36417
www.securityfocus.com/bid/36149
www.securitytracker.com/id?1022773
www.vupen.com/english/advisories/2009/2420
code.google.com/p/chromium/issues/detail?id=18639
exchange.xforce.ibmcloud.com/vulnerabilities/52902
googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html
Related
7.7 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.054 Low
EPSS
Percentile
93.0%