VYPR
Unrated severityNVD Advisory· Published Feb 18, 2010· Updated Jun 16, 2026

CVE-2010-0649

CVE-2010-0649

Description

Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages.

Affected products

48
  • Google/Chrome48 versions
    cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*+ 47 more
    • cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*range: <=4.0.249.78
    • cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.48:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.52:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.53:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.65:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.156.1:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.157.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.157.2:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.158.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.159.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.169.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.169.1:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.170.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.2:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.27:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.28:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.30:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.31:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.33:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.37:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.38:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.8:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.182.2:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.190.2:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.193.2:beta:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.195.21:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.195.24:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.195.32:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.195.33:*:*:*:*:*:*:*
    • (no CPE)range: <4.0.249.89

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.