PT-2018-1993 · Google+3 · Skia+4

Publicado

2018-12-04

Atualizado

2024-06-15

CVE-2018-18335

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 71.0.3578.80

Description The issue is caused by a heap buffer overflow in the Skia graphics library of Google Chrome. This could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page, leading to arbitrary code execution or denial of service.

Recommendations For versions prior to 71.0.3578.80, update to version 71.0.3578.80 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially malicious web pages to minimize the risk of exploitation.

Correção

Memory Corruption

Heap Based Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-122

Identificadores relacionados

ALT-PU-2018-2879

ALT-PU-2019-1253

ALT-PU-2019-1254

BDU:2018-01609

CVE-2018-18335

DSA-4352-1

MGASA-2019-0088

OPENSUSE-SU-2018:4143-1

OPENSUSE-SU-2018_4056-1

OPENSUSE-SU-2018_4142-1

OPENSUSE-SU-2019:0249-1

OPENSUSE-SU-2019:0251-1

OPENSUSE-SU-2019:1162-1

OPENSUSE-SU-2019_0202-1

OPENSUSE-SU-2019_0250-1

OPENSUSE-SU-2019_0251-1

OPENSUSE-SU-2019_1162-1

OPENSUSE-SU-2024:10601-1

OPENSUSE-SU-2024:10681-1

OPENSUSE-SU-2024:12948-1

RHSA-2018:3803

RHSA-2018_3803

SUSE-SU-2019:0469-1

SUSE-SU-2019:0852-1

SUSE-SU-2019:0853-1

SUSE-SU-2019:0871-1

Produtos afetados

Alt Linux

Google Chrome

Red Hat

Skia

Suse

PT-2018-1993 · Google+3 · Skia+4

CVE-2018-18335

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2749