CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
74.1%
The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc
in Google Chrome before 4.0.249.78 does not initialize the memory locations
that will hold bitmap data, which might allow remote attackers to obtain
potentially sensitive information from process memory by providing
insufficient data, related to use of a (1) thumbnail database or (2) HTML
canvas.