CVE-2010-2299

HIGH Year: 2010
CVSS v2 Score
10.0
Critical
Weakness Type
CWE-843
View all →

Vulnerability Description

The Clipboard::DispatchObject function in app/clipboard/clipboard.cc in Google Chrome before 5.0.375.70 does not properly handle CBF_SMBITMAP objects in a ViewHostMsg_ClipboardWriteObjectsAsync message, which might allow remote attackers to execute arbitrary code via vectors involving crafted data from the renderer process, related to a "Type Confusion" issue.

Related Vulnerabilities

CVE-2021-33970

CRITICAL
CVSS:10.0(Critical)

Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate priveleges.

CWE-8432021

CVE-2012-0507

CRITICAL
CVSS:9.8(Critical)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to af...

CWE-8432012

CVE-2016-1000005

CRITICAL
CVSS:9.8(Critical)

mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in. This issue affects HHVM versions prior to 3.9....

CWE-8432016

CVE-2018-9471

CRITICAL
CVSS:9.8(Critical)

In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to type confusion. This could lead to local escalation of privilege in the system server with no addition...

CWE-8432018

CVE-2019-10231

CRITICAL
CVSS:9.8(Critical)

Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of authentication. This occurs in Auth::checkPassword() (inc/auth.class.php).

CWE-8432019

CVE-2019-14537

CRITICAL
CVSS:9.8(Critical)

YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass.

CWE-8432019