Vulnerability Description
Google V8, as used in Google Chrome before 2.0.172.43, allows remote attackers to bypass intended restrictions on reading memory, and possibly obtain sensitive information or execute arbitrary code in the Chrome sandbox, via crafted JavaScript.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | <= 2.0.172.37 |
Related Weaknesses (CWE)
References
- http://code.google.com/p/chromium/issues/detail?id=18639Vendor Advisory
- http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.htVendor Advisory
- http://osvdb.org/57421
- http://secunia.com/advisories/36417Vendor Advisory
- http://www.securityfocus.com/bid/36149
- http://www.securitytracker.com/id?1022773
- http://www.vupen.com/english/advisories/2009/2420Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52902
- http://code.google.com/p/chromium/issues/detail?id=18639Vendor Advisory
- http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.htVendor Advisory
- http://osvdb.org/57421
- http://secunia.com/advisories/36417Vendor Advisory
- http://www.securityfocus.com/bid/36149
- http://www.securitytracker.com/id?1022773
- http://www.vupen.com/english/advisories/2009/2420Vendor Advisory
FAQ
What is CVE-2009-2935?
CVE-2009-2935 is a vulnerability with a CVSS score of 10.0 (HIGH). Google V8, as used in Google Chrome before 2.0.172.43, allows remote attackers to bypass intended restrictions on reading memory, and possibly obtain sensitive information or execute arbitrary code in...
How severe is CVE-2009-2935?
CVE-2009-2935 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-2935?
Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome.