Arbitrary Code Execution Vulnerability in Google Chrome Using WebKit
CVE-2010-0647

Currently unrated

Key Information:

Vendor

Apple
Status
Webkit
Chrome
Vendor
CVE Published:
18 February 2010

What is CVE-2010-0647?

A vulnerability in WebKit, utilized by Google Chrome, prior to version 4.0.249.89, allows remote attackers to execute arbitrary code. This exploitation involves a specially crafted RUBY element that can manipulate the browser's sandbox security measures. The issue is triggered by malformed HTML, which can lead to severe implications for system integrity and user safety. Proper handling and updating are essential to mitigate risks associated with this vulnerability.

References

http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/bid/38177
vdb-entryx_refsource_BID

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.