CVE-2010-0646

N/A Unknown

Published: February 18, 2010 Modified: April 29, 2026

Description

Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=31009

Source: cve@mitre.org

Exploit

http://code.google.com/p/v8/source/detail?r=3560

Source: cve@mitre.org

http://codereview.chromium.org/525064

Source: cve@mitre.org

Patch

http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html

Source: cve@mitre.org

http://secunia.com/advisories/38545

Source: cve@mitre.org

Vendor Advisory

http://securitytracker.com/id?1023583

Source: cve@mitre.org

http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/62316

Source: cve@mitre.org

http://www.securityfocus.com/bid/38177

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2010/0361

Source: cve@mitre.org

Patch Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/56213

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14222

Source: cve@mitre.org

http://code.google.com/p/chromium/issues/detail?id=31009