ID

VAR-201012-0280


CVE

CVE-2010-4487


TITLE

Google Chrome Vulnerabilities associated with incomplete blacklists \

Trust: 0.8

sources: JVNDB: JVNDB-2010-003475

DESCRIPTION

Incomplete blacklist vulnerability in Google Chrome before 8.0.552.215 on Linux and Mac OS X allows remote attackers to have an unspecified impact via a "dangerous file.". Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, gain access to sensitive information, and bypass intended security restrictions; other attacks are also possible. Versions prior to Chrome 8.0.552.215 are vulnerable. Google Chrome is a web browser developed by Google (Google). Remote attackers can use \"dangerous files\" to cause unknown effects. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42472 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42472/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42472 RELEASE DATE: 2010-12-04 DISCUSS ADVISORY: http://secunia.com/advisories/42472/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42472/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42472 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities and weaknesses have been reported in Google Chrome, where some have an unknown impact and other can potentially be exploited by malicious people to compromise a vulnerable system. 1) An unspecified error exists, which can lead to cross-origin video theft with canvas. 2) An unspecified error can be exploited to cause a crash with HTML5 databases. 3) An unspecified error can be exploited to cause excessive file dialogs, potentially leading to a crash. 4) A use-after-free error in the history handling can be exploited to corrupt memory. 5) An unspecified error related to HTTP proxy authentication can be exploited to cause a crash. 6) An unspecified error in WebM video support can be exploited to trigger an out-of-bounds read. 7) An error related to incorrect indexing with malformed video data can be exploited to cause a crash. 8) An unspecified error in the handling of privileged extensions can be exploited to corrupt memory. 9) An use-after-free error in the handling of SVG animations can be exploited to corrupt memory. 10) A use-after-free error in the mouse dragging event handling can be exploited to corrupt memory. 11) A double-free error in the XPath handling can be exploited to corrupt memory. SOLUTION: Fixed in version 8.0.552.215. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR) 2) Google Chrome Security Team (Inferno) 3) Cezary Tomczak (gosu.pl) 4) Stefan Troger 5) Mohammed Bouhlel 6) Google Chrome Security Team (Chris Evans) 7) miaubiz 8, 10) kuzzcc 9) Sławomir Błażek 11) Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2010-4487 // JVNDB: JVNDB-2010-003475 // BID: 45170 // VULHUB: VHN-47092 // PACKETSTORM: 96384

AFFECTED PRODUCTS

vendor:googlemodel:chromescope:ltversion:8.0.552.215

Trust: 1.8

vendor:linuxmodel:kernelscope: - version: -

Trust: 0.8

vendor:applemodel:mac os xscope: - version: -

Trust: 0.8

vendor:googlemodel:chromescope:eqversion:6.0.484.0

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:6.0.480.0

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:6.0.482.0

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:6.0.459.0

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:6.0.479.0

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:6.0.483.0

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:6.0.476.0

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:6.0.481.0

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:6.0.477.0

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:6.0.475.0

Trust: 0.6

vendor:ubuntumodel:linux powerpcscope:eqversion:10.10

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.10

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.10

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.10

Trust: 0.3

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.3

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.214

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.213

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.212

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.211

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.210

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.21

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.209

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.208

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.207

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.206

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.205

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.204

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.203

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.202

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.201

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.200

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.20

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.19

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.18

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.17

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.16

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.15

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.14

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.13

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.12

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.11

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.105

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.104

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.103

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.102

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.101

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.100

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.10

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.551.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.551.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.550.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.549.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.44

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.43

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.41

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:googlemodel:chromescope:neversion:8.0.552.215

Trust: 0.3

sources: BID: 45170 // JVNDB: JVNDB-2010-003475 // CNNVD: CNNVD-201012-083 // NVD: CVE-2010-4487

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-4487
value: HIGH

Trust: 1.0

NVD: CVE-2010-4487
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201012-083
value: HIGH

Trust: 0.6

VULHUB: VHN-47092
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2010-4487
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-47092
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-47092 // JVNDB: JVNDB-2010-003475 // CNNVD: CNNVD-201012-083 // NVD: CVE-2010-4487

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2010-003475 // NVD: CVE-2010-4487

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201012-083

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201012-083

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-003475

PATCH

title:Apple OS Xurl:http://www.apple.com/macosx/

Trust: 0.8

title:Beta Channel Updateurl:http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html

Trust: 0.8

title:Top Pageurl:http://www.kernel.org/

Trust: 0.8

title:chrome_v8.0.522.215url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=35900

Trust: 0.6

sources: JVNDB: JVNDB-2010-003475 // CNNVD: CNNVD-201012-083

EXTERNAL IDS

db:NVDid:CVE-2010-4487

Trust: 2.8

db:SECUNIAid:42472

Trust: 1.8

db:JVNDBid:JVNDB-2010-003475

Trust: 0.8

db:CNNVDid:CNNVD-201012-083

Trust: 0.7

db:BIDid:45170

Trust: 0.3

db:VULHUBid:VHN-47092

Trust: 0.1

db:PACKETSTORMid:96384

Trust: 0.1

sources: VULHUB: VHN-47092 // BID: 45170 // JVNDB: JVNDB-2010-003475 // PACKETSTORM: 96384 // CNNVD: CNNVD-201012-083 // NVD: CVE-2010-4487

REFERENCES

url:http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html

Trust: 2.1

url:http://code.google.com/p/chromium/issues/detail?id=59817

Trust: 1.7

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13423

Trust: 1.7

url:http://secunia.com/advisories/42472

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4487

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4487

Trust: 0.8

url:http://www.google.com/chrome

Trust: 0.3

url:http://www.xmlsoft.org/

Trust: 0.3

url:http://www.microsoft.com/technet/security/advisory/msvr11-002.mspx

Trust: 0.3

url:http://secunia.com/products/corporate/evm/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/products/corporate/vim/

Trust: 0.1

url:http://secunia.com/advisories/42472/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=42472

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/42472/#comments

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-47092 // BID: 45170 // JVNDB: JVNDB-2010-003475 // PACKETSTORM: 96384 // CNNVD: CNNVD-201012-083 // NVD: CVE-2010-4487

CREDITS

Google Chrome Security Team, Nirankush Panchbhai, Microsoft Vulnerability Research (MSVR), Inferno, Cezary Tomczak, Stefan Troger, Billy Rios, Mohammed Bouhlel, Chris Evans, miaubiz, kuzzcc, Slawomir Blazek, Yang Dingning from NCNIPC

Trust: 0.3

sources: BID: 45170

SOURCES

db:VULHUBid:VHN-47092
db:BIDid:45170
db:JVNDBid:JVNDB-2010-003475
db:PACKETSTORMid:96384
db:CNNVDid:CNNVD-201012-083
db:NVDid:CVE-2010-4487

LAST UPDATE DATE

2024-11-23T19:39:29.400000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-47092date:2020-07-28T00:00:00
db:BIDid:45170date:2015-05-07T17:10:00
db:JVNDBid:JVNDB-2010-003475date:2012-03-27T00:00:00
db:CNNVDid:CNNVD-201012-083date:2020-07-29T00:00:00
db:NVDid:CVE-2010-4487date:2024-11-21T01:21:03.477

SOURCES RELEASE DATE

db:VULHUBid:VHN-47092date:2010-12-07T00:00:00
db:BIDid:45170date:2010-12-02T00:00:00
db:JVNDBid:JVNDB-2010-003475date:2012-03-27T00:00:00
db:PACKETSTORMid:96384date:2010-12-04T05:20:18
db:CNNVDid:CNNVD-201012-083date:2010-12-09T00:00:00
db:NVDid:CVE-2010-4487date:2010-12-07T21:00:09.187