Multiple vulnerabilities in Google Chrome

Descripción

Multiple serious vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

1. An out-of-bounds read in V8 can be exploited remotely to execute arbitrary code;
2. A use after free in PDFium can be exploited remotely to obtain sensitive information;
3. A heap overflow vulnerability in the Skia component can be exploited remotely to execute arbitrary code;
4. A use after free in PDFium can be exploited remotely to obtain sensitive information;
5. A use after free in Blink can be exploited remotely to obtain sensitive information;
6. A heap overflow vulnerability in the Canvas component can be exploited remotely to cause denial of service;
7. A use after free in WebAudio can be exploited remotely to obtain sensitive information;
8. A use after free in MediaRecorder can be exploited remotely to obtain sensitive information;
9. A heap overflow vulnerability in the Blink component can be exploited remotely to cause denial of service;
10. An out-of-bounds read in V8 can be exploited remotely to cause denial of service;
11. A use after free in Skia can be exploited remotely to obtain sensitive information;
12. A use after free in Skia can be exploited remotely to obtain sensitive information;

Notas informativas originales

• Stable Channel Update for Desktop

Explotación

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Productos relacionados

• Google-Chrome

Lista CVE

• CVE-2018-17480
  critical
• CVE-2018-17481
  critical
• CVE-2018-18335
  critical
• CVE-2018-18336
  critical
• CVE-2018-18337
  critical
• CVE-2018-18338
  critical
• CVE-2018-18339
  critical
• CVE-2018-18340
  critical
• CVE-2018-18341
  critical
• CVE-2018-18342
  critical
• CVE-2018-18343
  critical
• CVE-2018-18344
  high
• CVE-2018-18345
  high
• CVE-2018-18346
  high
• CVE-2018-18347
  critical
• CVE-2018-18348
  warning
• CVE-2018-18349
  high
• CVE-2018-18350
  high
• CVE-2018-18351
  high
• CVE-2018-18352
  high
• CVE-2018-18353
  high
• CVE-2018-18354
  critical
• CVE-2018-18355
  warning
• CVE-2018-18356
  critical
• CVE-2018-18357
  warning
• CVE-2018-18358
  high
• CVE-2018-18359
  critical

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com