PT-2018-3282 · Google+3 · Google Chrome+3

Zhen Zhou

·

Publicado

2018-07-24

·

Atualizado

2024-06-15

·

CVE-2018-6153

CVSS v2.0

9.3

Alta

VetorAV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 68.0.3440.75
Description The issue is related to a precision error in the Skia graphics engine, which can lead to an out of bounds memory write. This can be exploited by a remote attacker using a specially crafted HTML page, potentially impacting the confidentiality, integrity, and availability of protected information.
Recommendations For versions prior to 68.0.3440.75, update to version 68.0.3440.75 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable HTML pages until the update is applied.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

ALT-PU-2018-2278
BDU:2019-04481
CVE-2018-6153
DSA-4256-1
MGASA-2018-0343
OPENSUSE-SU-2018_2134-1
OPENSUSE-SU-2024:10681-1
OPENSUSE-SU-2024:12948-1
RHSA-2018:2282
RHSA-2018_2282

Produtos afetados

Alt Linux
Google Chrome
Red Hat
Suse