PT-2023-7513 · Google+3 · Google Chrome+3

Pwn2Car

Publicado

2023-09-08

Atualizado

2024-11-29

CVE-2023-6510

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 120.0.6099.62

Description The issue is related to a use after free vulnerability in the Media Capture component of Google Chrome, which could potentially allow a remote attacker to exploit heap corruption through specific user interface interactions. This could lead to the disclosure of protected information. The severity of this issue is classified as medium by Chromium.

Recommendations For Google Chrome versions prior to 120.0.6099.62, update to version 120.0.6099.62 or later to resolve the issue. As a temporary workaround, consider restricting user interface interactions that could potentially trigger the vulnerability until a patch is applied.

Exploit

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2023-8370

ALT-PU-2024-10294

ALT-PU-2024-14286

ALT-PU-2024-14830

BDU:2023-08558

CVE-2023-6510

DSA-5573-1

MGASA-2023-0355

OPENSUSE-SU-2024:0020-1

OPENSUSE-SU-2024:13583-1

OPENSUSE-SU-2024:13585-1

OPENSUSE-SU-2024:14001-1

Produtos afetados

Alt Linux

Astra Linux

Google Chrome

Red Os

PT-2023-7513 · Google+3 · Google Chrome+3

CVE-2023-6510

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 88