PT-2022-6767 · Google+1 · Google Chrome+1
Published
2022-08-30
·
Updated
2023-08-19
·
CVE-2022-4912
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 105.0.5195.52
Description
The issue is related to type confusion in the MathML component of Google Chrome, which can be exploited by a remote attacker to potentially cause a denial of service or execute arbitrary code. This can be achieved through a crafted HTML page, potentially leading to heap corruption. The severity of this issue is considered high.
Recommendations
For versions prior to 105.0.5195.52, update to version 105.0.5195.52 or later to resolve the issue. As a temporary workaround, consider restricting the use of MathML components in Google Chrome until a patch is applied.
Exploit
Fix
Type Confusion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Google Chrome