Use After Free Vulnerability in Google Chrome on Multiple Platforms
CVE-2017-5087

8.8HIGH

Key Information:

Vendor

Google
Status
Google Chrome Prior To 59.0.3071.104 For Mac, Windows And Linux, And 59.0.3071.117 For Android
Vendor
CVE Published:
27 October 2017

What is CVE-2017-5087?

A use after free vulnerability in the Blink rendering engine of Google Chrome allows attackers to perform out-of-bounds memory reads through specially crafted HTML pages. This flaw can potentially lead to information disclosure, enabling unauthorized access to sensitive data and security breaches. The vulnerability affects several versions of Google Chrome across multiple operating systems, including Mac, Windows, Linux, and Android, prompting urgent updates to mitigate exploitation risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Google Chrome prior to 59.0.3071.104 for Mac, Windows and Linux, and 59.0.3071.117 for Android Google Chrome prior to 59.0.3071.104 for Mac, Windows and Linux, and 59.0.3071.117 for Android

References

http://www.securitytracker.com/id/1038765
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/99096
vdb-entryx_refsource_BID
http://www.debian.org/security/2017/dsa-3926
vendor-advisoryx_refsource_DEBIAN

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.