Use After Free Vulnerability in Google Chrome Affecting Users
CVE-2017-5058

8.8HIGH

Key Information:

Vendor: Google
Status: Google Chrome Prior To 58.0.3029.81 For Windows
Vendor: CVE Published:; 27 October 2017

🔔 Create Google Vulnerability Alert

What is CVE-2017-5058?

A use after free vulnerability in the PrintPreview feature of Google Chrome versions prior to 58.0.3029.81 for Windows allows remote attackers to exploit this flaw. By crafting a malicious HTML page, an attacker could cause out of bounds memory access, which may lead to arbitrary code execution within the user's browser environment.

Affected Version(s)

Google Chrome prior to 58.0.3029.81 for Windows Google Chrome prior to 58.0.3029.81 for Windows

References

https://access.redhat.com/errata/RHSA-2017:1124

vendor-advisoryx_refsource_REDHAT

https://security.gentoo.org/glsa/201705-02

vendor-advisoryx_refsource_GENTOO

http://www.securitytracker.com/id/1038317

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 27, 2017
Vulnerability Reserved
Jan 2, 2017

.