Stack Buffer Overflow in V8 Engine of Google Chrome
CVE-2017-15406

8.8HIGH

Key Information:

Vendor: Google
Status: Google Chrome Prior To 62.0.3202.75 Unknown
Vendor: CVE Published:; 28 August 2018

What is CVE-2017-15406?

A stack buffer overflow vulnerability in the V8 engine of Google Chrome prior to version 62.0.3202.75 could enable a remote attacker to conduct an out of bounds memory read through a specially crafted HTML page. This could potentially expose sensitive information or lead to further exploitations.

Affected Version(s)

Google Chrome prior to 62.0.3202.75 unknown Google Chrome prior to 62.0.3202.75 unknown

References

https://crbug.com/770450

x_refsource_MISC

https://chromereleases.googleblog.com/2017/10/stable-chan...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 28, 2018
Vulnerability Reserved
Oct 17, 2017