Candidate: CVE-2010-0649
PublicDate: 2010-02-18 18:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0649
 http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html
Description:
 Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in
 sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows
 attackers to leverage renderer access to cause a denial of service (heap
 memory corruption) or possibly have unspecified other impact via a
 malformed message, related to deserializing of sandbox messages.
Ubuntu-Description:
Notes:
Bugs:
 http://code.google.com/p/chromium/issues/detail?id=32915
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_chromium-browser:
 upstream: http://src.chromium.org/viewvc/chrome?view=rev&revision=36923
upstream_chromium-browser: needs-triage
dapper_chromium-browser: DNE
hardy_chromium-browser: DNE
intrepid_chromium-browser: DNE
jaunty_chromium-browser: DNE
karmic_chromium-browser: DNE
lucid_chromium-browser: not-affected (5.0.342.9~r43360-0ubuntu2)
devel_chromium-browser: not-affected (5.0.375.38~r46659-0ubuntu1)