PT-2018-3406 · Google+3 · Google Chrome+3

Publicado

2018-11-09

Atualizado

2024-06-15

CVE-2018-17478

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 70.0.3538.102

Description: The issue is related to incorrect array position calculations in the V8 browser kernel of Google Chrome. This could allow a remote attacker to exploit object corruption via a crafted HTML page, potentially leading to unauthorized access to confidential data, disruption of data integrity, and denial of service.

Recommendations: For versions prior to 70.0.3538.102, update to version 70.0.3538.102 or later to resolve the issue.

Exploit

Correção

Improper Validation of Array Index

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-129

Identificadores relacionados

ALT-PU-2018-2879

BDU:2020-00778

CVE-2018-17478

DSA-4340-1

OPENSUSE-SU-2018:3835-1

OPENSUSE-SU-2018_3805-1

OPENSUSE-SU-2018_3837-1

OPENSUSE-SU-2024:10681-1

OPENSUSE-SU-2024:12948-1

RHSA-2018:3648

RHSA-2018_3648

Produtos afetados

Alt Linux

Google Chrome

Red Hat

Suse

PT-2018-3406 · Google+3 · Google Chrome+3

CVE-2018-17478

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2328