HomePentest-Tools.com Logo

Google Chrome Security Updates(stable-channel-update-for-desktop-2018-12)-Windows CVE-2018-17480CVE-2018-17481CVE-2018-18335CVE-2018-18336CVE-2018-18337CVE-2018-18338CVE-2018-18339CVE-2018-18340CVE-2018-18341CVE-2018-18342CVE-2018-18343CVE-2018-18344CVE-2018-18345CVE-2018-18346CVE-2018-18347CVE-2018-18348CVE-2018-18349CVE-2018-18350CVE-2018-18351CVE-2018-18352CVE-2018-18354CVE-2018-18355CVE-2018-18356CVE-2018-18357CVE-2018-18358CVE-2018-18359CVE-2018-20065CVE-2018-20066CVE-2018-20067CVE-2018-20068CVE-2018-20069CVE-2018-20070

Severity
CVSSv3 Score
6.5
Vulnerability description

Google Chrome is prone to multiple vulnerabilities.

Risk description

Multiple flaws exist due to: - Multiple out of bounds write error in V8. - Multiple use after free errors in PDFium, Blink, WebAudio, MediaRecorder, Skia and Extensions. - Multiple heap buffer overflow errors in Skia, Canvas and Blink. - Inappropriate implementations in Extensions, Site Isolation, Navigation, Omnibox, Media, Network Authentication and PDFium. - Multiple issues in SQLite via WebSQL. - Incorrect security UI in Blink. - Insufficient policy enforcements in Blink, Navigation, URL Formatter, Proxy and Payments. - Insufficient data validation in Shell Integration. Successful exploitation will allow an attacker to execute arbitrary code in the context of the browser, obtain sensitive information, bypass security restrictions and perform unauthorized actions, or cause denial-of-service conditions

Recommendation

Upgrade to Google Chrome version 71.0.3578.80 or later. Please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 11, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available