PT-2017-16331 · Google+4 · Google Chrome+5

Aleksandar Nikolic

Publicado

2017-10-17

Atualizado

2024-06-15

CVE-2017-5133

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 62.0.3202.62 Opera versions prior to 62.0.3202.62

Description The issue is related to an off-by-one read/write on the heap in Blink, which allows a remote attacker to corrupt memory and possibly leak information, and potentially execute code via a crafted PDF file.

Recommendations For Google Chrome versions prior to 62.0.3202.62, update to version 62.0.3202.62 or later. For Opera versions prior to 62.0.3202.62, update to a version that includes the fix for this issue, as the exact version is not specified.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

ALT-PU-2017-2600

CVE-2017-5133

DSA-4020-1

MGASA-2017-0423

OPENSUSE-SU-2017:3245-1

OPENSUSE-SU-2017_2902-1

OPENSUSE-SU-2024:10681-1

OPENSUSE-SU-2024:12948-1

RHSA-2017:2997

RHSA-2017_2997

Produtos afetados

Alt Linux

Blink

Google Chrome

Opera

Red Hat

Suse

PT-2017-16331 · Google+4 · Google Chrome+5

CVE-2017-5133

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2342