CVE-2010-0663
CVE-2010-0663
The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data, related to use of a (1) thumbnail database or (2) HTML canvas.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://code.google.com/p/chromium/issues/detail?id=31307http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.htmlhttp://securitytracker.com/id?1023506http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugshttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14002