CVE-2010-0663

The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data, related to use of a (1) thumbnail database or (2) HTML canvas.
Severity
UNKNOWN
AV:N/AC:L/Au:N/C:P/I:N/A:N
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
VendorProductVersion
googlechrome
𝑥
≤ 4.0.249.0
googlechrome
0.2.149.27
googlechrome
0.2.149.29
googlechrome
0.2.149.30
googlechrome
0.2.152.1
googlechrome
0.2.153.1
googlechrome
0.3.154.0
googlechrome
0.3.154.3
googlechrome
0.4.154.18
googlechrome
0.4.154.22
googlechrome
0.4.154.31
googlechrome
0.4.154.33
googlechrome
1.0.154.36
googlechrome
1.0.154.39
googlechrome
1.0.154.42
googlechrome
1.0.154.43
googlechrome
1.0.154.46
googlechrome
1.0.154.48
googlechrome
1.0.154.52
googlechrome
1.0.154.53
googlechrome
1.0.154.59
googlechrome
1.0.154.65
googlechrome
2.0.156.1
googlechrome
2.0.157.0
googlechrome
2.0.157.2
googlechrome
2.0.158.0
googlechrome
2.0.159.0
googlechrome
2.0.169.0
googlechrome
2.0.169.1
googlechrome
2.0.170.0
googlechrome
2.0.172
googlechrome
2.0.172.2
googlechrome
2.0.172.8
googlechrome
2.0.172.27
googlechrome
2.0.172.28
googlechrome
2.0.172.30
googlechrome
2.0.172.31
googlechrome
2.0.172.33
googlechrome
2.0.172.37
googlechrome
2.0.172.38
googlechrome
3.0.182.2
googlechrome
3.0.190.2
googlechrome
3.0.193.2
googlechrome
3.0.195.21
googlechrome
3.0.195.24
googlechrome
3.0.195.32
googlechrome
3.0.195.33
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
lucid
not-affected
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
dapper
dne