Multiple vulnerabilities in Google Chrome

Описание

Multiple serious vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

1. An out-of-bounds read in V8 can be exploited remotely to execute arbitrary code;
2. A use after free in PDFium can be exploited remotely to obtain sensitive information;
3. A heap overflow vulnerability in the Skia component can be exploited remotely to execute arbitrary code;
4. A use after free in PDFium can be exploited remotely to obtain sensitive information;
5. A use after free in Blink can be exploited remotely to obtain sensitive information;
6. A heap overflow vulnerability in the Canvas component can be exploited remotely to cause denial of service;
7. A use after free in WebAudio can be exploited remotely to obtain sensitive information;
8. A use after free in MediaRecorder can be exploited remotely to obtain sensitive information;
9. A heap overflow vulnerability in the Blink component can be exploited remotely to cause denial of service;
10. An out-of-bounds read in V8 can be exploited remotely to cause denial of service;
11. A use after free in Skia can be exploited remotely to obtain sensitive information;
12. A use after free in Skia can be exploited remotely to obtain sensitive information;

Первичный источник обнаружения

• Stable Channel Update for Desktop
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Google-Chrome

Список CVE

• CVE-2018-17480
  high
• CVE-2018-17481
  high
• CVE-2018-18335
  high
• CVE-2018-18336
  high
• CVE-2018-18337
  high
• CVE-2018-18338
  high
• CVE-2018-18339
  high
• CVE-2018-18340
  high
• CVE-2018-18341
  high
• CVE-2018-18342
  high
• CVE-2018-18343
  high
• CVE-2018-18344
  warning
• CVE-2018-18345
  warning
• CVE-2018-18346
  warning
• CVE-2018-18347
  high
• CVE-2018-18348
  warning
• CVE-2018-18349
  warning
• CVE-2018-18350
  warning
• CVE-2018-18351
  warning
• CVE-2018-18352
  warning
• CVE-2018-18353
  warning
• CVE-2018-18354
  high
• CVE-2018-18355
  warning
• CVE-2018-18356
  high
• CVE-2018-18357
  warning
• CVE-2018-18358
  warning
• CVE-2018-18359
  high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com