| Title | Google Chrome で使用される Skia における整数オーバーフローの脆弱性 |
|---|---|
| Summary | Google Chrome で使用される Skia には、整数オーバーフローの脆弱性が存在します。 |
| Possible impacts | 第三者により、巧妙に細工された image または canvas を介して、renderer プロセス内の任意のコードを実行される可能性があります。 |
| Solution | ベンダ情報及び参考情報を参照して適切な対策を実施してください。 |
| Publication Date | May 5, 2009, midnight |
| Registration Date | Oct. 19, 2010, 2:56 p.m. |
| Last Update | Oct. 19, 2010, 2:56 p.m. |
| CVSS2.0 : 警告 | |
| Score | 6.8 |
|---|---|
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Google Chrome 1.0.154.64 未満 |
| No | Changed Details | Date of change |
|---|---|---|
| 0 | [2010年10月19日] 掲載 |
Feb. 17, 2018, 10:37 a.m. |
| Summary | Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and possibly Android, might allow remote attackers to execute arbitrary code in the renderer process via a crafted (1) image or (2) canvas. |
|---|---|
| Summary | Múltiples desbodamientos de enteros en Skia, utilizado en Google Chrome v1.x anteriores a v1.0.154.64 y v2.x, y posiblemente Android, debería permitir a los atacantes remotos ejecutar arbitrariamente código en el proceso de renderizado a través de (1) imagenes o (2) canvas manipulados. |
| Publication Date | May 8, 2009, 2:30 a.m. |
| Registration Date | Jan. 29, 2021, 1:17 p.m. |
| Last Update | April 23, 2026, 9:35 a.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | 1.0.154.53 | ||||
| cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:2.0.156.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:2.0.157.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:2.0.157.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:2.0.158.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:google:chrome:2.0.159.0:*:*:*:*:*:*:* | |||||