CVE-2009-2555

CWE-119Buffer Overflow3 documents3 sources
Severity
9.3CRITICAL
EPSS
27.2%
top 3.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google ChromeGoogle V8
Timeline
PublishedJul 21
Latest updateMay 2

Description

Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote attackers to execute arbitrary code in the Chrome sandbox via a crafted JavaScript regular expression.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDgoogle/chrome2.0.172.33+27
NVDgoogle/v81.0

🔴Vulnerability Details

2
GHSA
GHSA-qq94-q2jg-wv4r: Heap-based buffer overflow in src/jsregexp2022-05-02
CVEList
CVE-2009-2555: Heap-based buffer overflow in src/jsregexp2009-07-21
CVE-2009-2555 (CRITICAL CVSS 9.3) | Heap-based buffer overflow in src/j | cvebase.io