PT-2017-3241 · Google+3 · Google Chrome+3

Published

2017-04-19

Updated

2024-06-15

CVE-2017-5062

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 58.0.3029.81 for Mac, Windows, and Linux Google Chrome version prior to 58.0.3029.83 for Android Opera (affected versions not specified)

Description The issue is related to a use after free in Chrome Apps, which can allow a remote attacker to potentially perform out of bounds memory access. This can be achieved via a specially crafted Chrome extension. The estimated number of potentially affected devices worldwide is not provided.

Recommendations For Google Chrome versions prior to 58.0.3029.81 for Mac, Windows, and Linux, update to version 58.0.3029.81 or later. For Google Chrome version prior to 58.0.3029.83 for Android, update to version 58.0.3029.83 or later. For Opera, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2017-02675

CVE-2017-5062

MGASA-2017-0317

OPENSUSE-SU-2017:1098-1

OPENSUSE-SU-2017:1100-1

OPENSUSE-SU-2017_1098-1

OPENSUSE-SU-2024:10681-1

OPENSUSE-SU-2024:12948-1

RHSA-2017:1124

RHSA-2017_1124

Affected Products

Google Chrome

Opera

Red Hat

Suse

PT-2017-3241 · Google+3 · Google Chrome+3

CVE-2017-5062

Weakness Enumeration

Related Identifiers

Affected Products

References · 2341