cbcvebase.
CVE-2018-17480
published 2018-12-11

Priority: P1 84 high
CVSS 3.1: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
KEV: CISA Known Exploited Vulnerability, due 2022-06-22
ITW: Exploited in the wild
EPSS: 34.29% (98.2th percentile)

Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

Affected

12 ranges
| Vendor | Product | Version range | Fixed in |
| --- | --- | --- | --- |
| chromium | chromium | >= 0 < 71.0.3578.80-1 | 71.0.3578.80-1 |
| chromium | chromium | >= 0 < 71.0.3578.80-1 | 71.0.3578.80-1 |
| chromium | chromium | >= 0 < 71.0.3578.80-1 | 71.0.3578.80-1 |
| chromium | chromium | >= 0 < 71.0.3578.80-1 | 71.0.3578.80-1 |
| debian | chromium | < chromium 71.0.3578.80-1 (bookworm) | chromium 71.0.3578.80-1 (bookworm) |
| debian | debian_linux | | |
| google | chrome | < 71.0.3578.80 | 71.0.3578.80 |
| google | chrome | >= unspecified < 71.0.3578.80 | 71.0.3578.80 |
| redhat | enterprise_linux_desktop | | |
| redhat | enterprise_linux_server | | |
| redhat | enterprise_linux_workstation | | |
| the_openjpeg_project | openjpeg2 | >= 0 < 2.3.0-2build0.18.04.1 | 2.3.0-2build0.18.04.1 |

Detection & IOCs (extracted from sources)

  • Vulnerability is triggered via a crafted HTML page delivering user-supplied JavaScript during array deserialization, causing an out-of-bounds write in V8; any Google Chrome version prior to 71.0.3578.80 is affected and should be flagged
  • Multiple Chromium-based browsers are in scope for detection, not only Google Chrome — also includes Microsoft Edge and Opera builds using the affected V8 engine below version 71.0.3578.80
  • Exploitation is sandboxed: arbitrary code execution is confined within the browser sandbox; a sandbox escape would be required for full system compromise
  • The upstream Chromium bug report (crbug 905940) may contain additional technical detail but is referenced only by ID in available sources; consult it directly for PoC or deeper analysis

CVSS provenance

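| Source | Version | Score | Severity | Vector |
| --- | --- | --- | --- | --- |
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | | 9.8 | CRITICAL | |
| vulncheck | | 8.8 | HIGH | |
| cisa | | 8.8 | HIGH | |
| vendor_debian | | 8.8 | HIGH | |
| vendor_redhat | | 8.8 | HIGH | |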