CVE-2009-2555: Buffer Overflow
First published: Tue Jul 21 2009(Updated: )
Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote attackers to execute arbitrary code in the Chrome sandbox via a crafted JavaScript regular expression.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google V8 | <=1.0 | |
| Google Chrome (Trace Event) | <=2.0.172.33 | |
| Google Chrome (Trace Event) | =0.2.149.29 | |
| Google Chrome (Trace Event) | =0.2.149.30 | |
| Google Chrome (Trace Event) | =0.2.152.1 | |
| Google Chrome (Trace Event) | =0.2.153.1 | |
| Google Chrome (Trace Event) | =0.3.154.0 | |
| Google Chrome (Trace Event) | =0.3.154.3 | |
| Google Chrome (Trace Event) | =0.4.154.18 | |
| Google Chrome (Trace Event) | =0.4.154.22 | |
| Google Chrome (Trace Event) | =0.4.154.31 | |
| Google Chrome (Trace Event) | =0.4.154.33 | |
| Google Chrome (Trace Event) | =1.0.154.36 | |
| Google Chrome (Trace Event) | =1.0.154.39 | |
| Google Chrome (Trace Event) | =1.0.154.42 | |
| Google Chrome (Trace Event) | =1.0.154.43 | |
| Google Chrome (Trace Event) | =1.0.154.46 | |
| Google Chrome (Trace Event) | =1.0.154.48 | |
| Google Chrome (Trace Event) | =1.0.154.52 | |
| Google Chrome (Trace Event) | =1.0.154.53 | |
| Google Chrome (Trace Event) | =1.0.154.59 | |
| Google Chrome (Trace Event) | =2.0.156.1 | |
| Google Chrome (Trace Event) | =2.0.157.0 | |
| Google Chrome (Trace Event) | =2.0.157.2 | |
| Google Chrome (Trace Event) | =2.0.158.0 | |
| Google Chrome (Trace Event) | =2.0.159.0 | |
| Google Chrome (Trace Event) | =2.0.172 | |
| Google Chrome (Trace Event) | =2.0.172.30 | |
| Google Chrome (Trace Event) | =2.0.172.31 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.vupen.com/english/advisories/2009/1924
- http://www.securityfocus.com/bid/35722
- http://www.osvdb.org/55939
- http://code.google.com/p/chromium/issues/detail?id=14719
- http://codereview.chromium.org/141042
- http://googlechromereleases.blogspot.com/2009/07/stable-beta-update-bug-fixes.html
- http://secunia.com/advisories/35844
- http://codereview.chromium.org/141042/diff/6/1004
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51801
Frequently Asked Questions
What is the severity of CVE-2009-2555?
CVE-2009-2555 has a critical severity level due to its potential to allow remote code execution.
How do I fix CVE-2009-2555?
To fix CVE-2009-2555, update Google V8 to version 1.1.10.14 or later and Google Chrome to version 2.0.172.37 or later.
What causes CVE-2009-2555?
CVE-2009-2555 is caused by a heap-based buffer overflow in the JavaScript regular expression handling in Google V8.
What are the potential impacts of CVE-2009-2555?
The exploitation of CVE-2009-2555 could allow attackers to execute arbitrary code within the Chrome sandbox.
Which versions of Google software are affected by CVE-2009-2555?
CVE-2009-2555 affects Google V8 versions prior to 1.1.10.14 and several versions of Google Chrome up to 2.0.172.33.
- collector/nvd-historical
- agent/type
- agent/softwarecombine
- agent/references
- agent/severity
- agent/weakness
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/google
- canonical/google v8
- version/google v8/1.0
- canonical/google chrome (trace event)
- version/google chrome (trace event)/2.0.172.33
- version/google chrome (trace event)/0.2.149.29
- version/google chrome (trace event)/0.2.149.30
- version/google chrome (trace event)/0.2.152.1
- version/google chrome (trace event)/0.2.153.1
- version/google chrome (trace event)/0.3.154.0
- version/google chrome (trace event)/0.3.154.3
- version/google chrome (trace event)/0.4.154.18
- version/google chrome (trace event)/0.4.154.22
- version/google chrome (trace event)/0.4.154.31
- version/google chrome (trace event)/0.4.154.33
- version/google chrome (trace event)/1.0.154.36
- version/google chrome (trace event)/1.0.154.39
- version/google chrome (trace event)/1.0.154.42
- version/google chrome (trace event)/1.0.154.43
- version/google chrome (trace event)/1.0.154.46
- version/google chrome (trace event)/1.0.154.48
- version/google chrome (trace event)/1.0.154.52
- version/google chrome (trace event)/1.0.154.53
- version/google chrome (trace event)/1.0.154.59
- version/google chrome (trace event)/2.0.156.1
- version/google chrome (trace event)/2.0.157.0
- version/google chrome (trace event)/2.0.157.2
- version/google chrome (trace event)/2.0.158.0
- version/google chrome (trace event)/2.0.159.0
- version/google chrome (trace event)/2.0.172
- version/google chrome (trace event)/2.0.172.30
- version/google chrome (trace event)/2.0.172.31