CVE-2017-5112Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Chrome

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents5 sources
Severity
8.8HIGHNVD
EPSS
1.5%
top 18.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedOct 27
Latest updateMay 14

Description

Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

NVDgoogle/chrome< 61.0.3163.79

🔴Vulnerability Details

2
GHSA
GHSA-qv78-wppv-jjxg: Heap buffer overflow in WebGL in Google Chrome prior to 612022-05-14
OSV
CVE-2017-5112: Heap buffer overflow in WebGL in Google Chrome prior to 612017-10-27

📋Vendor Advisories

1
Red Hat
chromium-browser: heap buffer overflow in webgl2017-09-05

💬Community

2
Bugzilla
CVE-2017-5111 CVE-2017-5112 CVE-2017-5113 CVE-2017-5114 CVE-2017-5115 CVE-2017-5116 CVE-2017-5117 CVE-2017-5118 CVE-2017-5119 CVE-2017-5120 chromium: various flaws [fedora-all]2017-09-06
Bugzilla
CVE-2017-5112 chromium-browser: heap buffer overflow in webgl2017-09-06