CVE-2018-6055
published 2018-09-25CVE-2018-6055: Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside…
PriorityP274high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
1.14%
62.7th percentile
Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted HTML page.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chrome | < 64.0.3282.119 | 64.0.3282.119 | |
| chrome | >= unspecified < 64.0.3282.119 | 64.0.3282.119 |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability is triggered via a crafted HTML page delivered remotely, targeting insufficient policy enforcement in Chrome's Catalog Service to escape the sandbox ↗
- ·Vulnerable versions of Google Chrome are prior to 64.0.3282.119; any deployment running an older version is at risk of sandbox escape via Catalog Service policy enforcement bypass ↗
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv8.8HIGH
vulncheck8.8HIGH
vendor_redhat8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m6qv-gwg5-63c6: Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64
ghsa_unreviewed·2022-05-14
CVE-2018-6055 [HIGH] CWE-20 GHSA-m6qv-gwg5-63c6: Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64
Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted HTML page.
OSV
CVE-2018-6055: Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64
osv·2018-09-25·CVSS 8.8
CVE-2018-6055 [HIGH] CVE-2018-6055: Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64
Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted HTML page.
VulnCheck
Google Chrome Improper Input Validation
vulncheck·2018·CVSS 8.8
CVE-2018-6055 [HIGH] Google Chrome Improper Input Validation
Google Chrome Improper Input Validation
Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted HTML page.
Affected: Google Chrome
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://mp.weixin.qq.com/s/jX8D8d-4q46pKHS0AIVgjw
Red Hat
chromium-browser: Insufficient policy enforcement in Catalog Service
vendor_redhat·2018-09-25·CVSS 8.8
CVE-2018-6055 [HIGH] chromium-browser: Insufficient policy enforcement in Catalog Service
chromium-browser: Insufficient policy enforcement in Catalog Service
Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted HTML page.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-6055 chromium: chromium-browser: Insufficient policy enforcement in Catalog Service [fedora-all]
bugzilla·2018-09-26·CVSS 8.8
CVE-2018-6055 [HIGH] CVE-2018-6055 chromium: chromium-browser: Insufficient policy enforcement in Catalog Service [fedora-all]
CVE-2018-6055 chromium: chromium-browser: Insufficient policy enforcement in Catalog Service [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects
Bugzilla
CVE-2018-6055 chromium: chromium-browser: Insufficient policy enforcement in Catalog Service [epel-7]
bugzilla·2018-09-26·CVSS 8.8
CVE-2018-6055 [HIGH] CVE-2018-6055 chromium: chromium-browser: Insufficient policy enforcement in Catalog Service [epel-7]
CVE-2018-6055 chromium: chromium-browser: Insufficient policy enforcement in Catalog Service [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-7.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Discussion:
Use the following t
Bugzilla
CVE-2018-6055 chromium-browser: Insufficient policy enforcement in Catalog Service
bugzilla·2018-09-26·CVSS 8.8
CVE-2018-6055 [HIGH] CVE-2018-6055 chromium-browser: Insufficient policy enforcement in Catalog Service
CVE-2018-6055 chromium-browser: Insufficient policy enforcement in Catalog Service
Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted HTML page.
Upstream bug:
https://bugs.chromium.org/p/chromium/issues/detail?id=791003
References:
https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html
Discussion:
Created chromium tracking bugs for this issue:
Affects: epel-7 [bug 1633395]
Affects: fedora-all [bug 1633394]
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2018-6055
http://www.securityfocus.com/bid/105516https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.htmlhttps://crbug.com/791003http://www.securityfocus.com/bid/105516https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.htmlhttps://crbug.com/791003
2018-09-25
Published
Exploited in the wild