PT-2024-6475 · Google+3 · Google Chrome+3
Published
2024-04-09
·
Updated
2025-01-02
·
CVE-2024-7018
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 124.0.6367.78
Description
The issue is related to a heap buffer overflow in the PDF handler of Google Chrome, which can be exploited by a remote attacker via a crafted PDF file. This exploitation can potentially lead to the execution of arbitrary code, denial of service, or the disclosure of protected information.
Recommendations
For versions prior to 124.0.6367.78, update to version 124.0.6367.78 or later to resolve the issue.
As a temporary workaround, consider avoiding the use of PDF files from untrusted sources until the update is applied.
Restrict access to PDF handling features in Google Chrome to minimize the risk of exploitation until the issue is resolved.
Exploit
Fix
Memory Corruption
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Debian
Google Chrome
Red Os