PT-2018-17348 · Opera+4 · Opera+4

Khalil Zhani

·

Publicado

2018-03-06

·

Atualizado

2024-06-15

·

CVE-2018-6077

CVSS v3.1

6.5

Média

VetorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 65.0.3325.146 Opera versions prior to 65.0.3325.146
Description The issue allows a remote attacker to leak cross-origin data via a crafted HTML page, due to displacement map filters being applied to cross-origin images in Blink SVG rendering.
Recommendations For Google Chrome versions prior to 65.0.3325.146, update to version 65.0.3325.146 or later. For Opera versions prior to 65.0.3325.146, update to version 65.0.3325.146 or later.

Exploit

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

ALT-PU-2018-1421
CVE-2018-6077
DSA-4182-1
MGASA-2018-0268
OPENSUSE-SU-2018:1175-1
OPENSUSE-SU-2018:1437-1
OPENSUSE-SU-2018_0704-1
OPENSUSE-SU-2024:10681-1
OPENSUSE-SU-2024:12948-1
RHSA-2018:0484
RHSA-2018_0484

Produtos afetados

Alt Linux
Google Chrome
Opera
Red Hat
Suse