CVE-2017-15406Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Chrome

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources
Severity
8.8HIGHNVD
EPSS
1.0%
top 23.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedAug 28
Latest updateMay 14

Description

A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

NVDgoogle/chrome< 62.0.3202.75

🔴Vulnerability Details

2
GHSA
GHSA-2pr9-mv6f-chvj: A stack buffer overflow in V8 in Google Chrome prior to 622022-05-14
OSV
CVE-2017-15406: A stack buffer overflow in V8 in Google Chrome prior to 622018-08-28

📋Vendor Advisories

1
Red Hat
chromium-browser: stack overflow in v82017-10-26

💬Community

1
Bugzilla
CVE-2017-15396, CVE-2017-15406 chromium-browser: stack overflow in v82017-10-27