Executive Summary

Informations
NameCVE-2018-17470First vendor Publication2019-01-09
VendorCveLast vendor Modification2019-01-15

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17470

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application3815
Os1
Os1
Os1
Os1

Nessus® Vulnerability Scanner

DateDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-fd194a1f14.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-34f7f68029.nasl - Type : ACT_GATHER_INFO
2018-11-26Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-10.nasl - Type : ACT_GATHER_INFO
2018-11-05Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4330.nasl - Type : ACT_GATHER_INFO
2018-10-16Name : A web browser installed on the remote Windows host is affected by multiple vu...
File : google_chrome_70_0_3538_67.nasl - Type : ACT_GATHER_INFO
2018-10-16Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_google_chrome_70_0_3538_67.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/105666
CONFIRM https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-deskt...
DEBIAN https://www.debian.org/security/2018/dsa-4330
GENTOO https://security.gentoo.org/glsa/201811-10
MISC https://crbug.com/877874
REDHAT https://access.redhat.com/errata/RHSA-2018:3004

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-01-15 21:19:28
  • Multiple Updates
2019-01-10 17:19:03
  • Multiple Updates
2019-01-10 00:19:19
  • First insertion