WebKit Image Decoder Memory Allocation Vulnerability in Google Chrome
CVE-2010-0659

Currently unrated

Key Information:

Vendor

Apple
Status
Webkit
Chrome
Vendor
CVE Published:
18 February 2010

What is CVE-2010-0659?

A security flaw exists in the image decoder of WebKit, utilized by Google Chrome prior to version 4.0.249.78. This vulnerability arises from improper handling of memory allocation failures, allowing remote attackers to manipulate the browser's sandbox environment. By crafting a malformed GIF file that specifies an excessively large size, attackers can execute arbitrary code, potentially compromising user systems. This issue is critical for users of outdated versions of Chrome and requires prompt attention to mitigate risks.

References

http://googlechromereleases.blogspot.com/2010/01/stable-c...
x_refsource_CONFIRM
http://secunia.com/advisories/43068
third-party-advisoryx_refsource_SECUNIA
http://trac.webkit.org/changeset/52833
x_refsource_CONFIRM

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.