Vulnerability CVE-2018-6038


Published: 2018-09-25

Description:
Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

Type: CWE-125 (Out-of-bounds Read)

Vendor: Google
Product: Chrome 
Version:
9.0.600.0
9.0.599.0
9.0.598.0
9.0.597.99
9.0.597.98
9.0.597.97
9.0.597.96
9.0.597.94
9.0.597.92
9.0.597.90
9.0.597.9
9.0.597.88
9.0.597.86
9.0.597.85
9.0.597.84
9.0.597.83
9.0.597.82
9.0.597.81
9.0.597.80
9.0.597.8
9.0.597.79
9.0.597.78
9.0.597.77
9.0.597.76
9.0.597.75
9.0.597.74
9.0.597.73
9.0.597.72
9.0.597.71
9.0.597.70
9.0.597.7
9.0.597.69
9.0.597.68
9.0.597.67
9.0.597.66
9.0.597.65
9.0.597.64
9.0.597.63
9.0.597.62
9.0.597.60
9.0.597.59
9.0.597.58
9.0.597.57
9.0.597.56
9.0.597.55
9.0.597.54
9.0.597.5
9.0.597.47
9.0.597.46
9.0.597.45
9.0.597.44
9.0.597.42
9.0.597.41
9.0.597.40
9.0.597.4
9.0.597.39
9.0.597.38
9.0.597.37
9.0.597.36
9.0.597.35
9.0.597.34
9.0.597.33
9.0.597.32
9.0.597.31
9.0.597.30
9.0.597.29
9.0.597.28
9.0.597.27
9.0.597.26
9.0.597.25
9.0.597.24
9.0.597.23
9.0.597.22
9.0.597.21
9.0.597.20
9.0.597.2
9.0.597.19
9.0.597.18
9.0.597.17
9.0.597.16
9.0.597.15
9.0.597.14
9.0.597.12
9.0.597.11
9.0.597.107
9.0.597.106
9.0.597.102
9.0.597.101
9.0.597.100
9.0.597.10
9.0.597.1
9.0.597.0
9.0.596.0
9.0.595.0
9.0.594.0
9.0.593.0
9.0.592.0
9.0.591.0
9.0.590.0
9.0.589.0
See more versions on NVD

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

References:
http://www.securityfocus.com/bid/102797
http://www.securitytracker.com/id/1040282
https://access.redhat.com/errata/RHSA-2018:0265
https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html
https://crbug.com/774174
https://www.debian.org/security/2018/dsa-4103

Related CVE
CVE-2018-18359
Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2018-18347
Incorrect handling of failed navigations with invalid URLs in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to trick a user into executing javascript in an arbitrary origin via a crafted HTML page.
CVE-2018-18346
Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page.
CVE-2018-18343
Incorrect handling of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-18341
An integer overflow leading to a heap buffer overflow in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-18340
Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-18339
Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-18338
Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Copyright 2018, cxsecurity.com

 
