CVE-2018-6072: An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap…

high8.8CVSS 3.0

AVNACLPRNUIRSUCHIHAH

An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Affected

5 ranges

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
google	chrome	< 65.0.3325.146	65.0.3325.146
redhat	linux_desktop	—	—
redhat	linux_server	—	—
redhat	linux_workstation	—	—

CVSS provenance

nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

osv8.8HIGH