CVE-2010-2648

Published: Jul 6, 2010Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Affected (5)

Products: Google: Chrome · Opensuse: Opensuse · Canonical: Ubuntu Linux

1 product

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Before 5.0.375.99

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 11.3

Configuration C

3 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 10.04
Canonical Ubuntu Linux	Version 10.10
Canonical Ubuntu Linux	Version 9.10

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (18)

http://code.google.com/p/chromium/issues/detail?id=44424

Source: cve@mitre.org

Issue TrackingPatchVendor Advisory

http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html

Source: cve@mitre.org

Vendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://secunia.com/advisories/41856

Source: cve@mitre.org

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2011:039

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-1006-1

Source: cve@mitre.org

Third Party Advisory

http://www.vupen.com/english/advisories/2010/2722

Source: cve@mitre.org

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0552

Source: cve@mitre.org

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11900

Source: cve@mitre.org

Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=44424

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchVendor Advisory

http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://secunia.com/advisories/41856

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2011:039

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.ubuntu.com/usn/USN-1006-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.vupen.com/english/advisories/2010/2722

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0552

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11900

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.