Published: 27/06/2019 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome before 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome

Synopsis Critical: chromium-browser security update Type/Severity Security Advisory: Critical Topic An update for chromium-browser is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scor ...

Several vulnerabilities have been discovered in the chromium web browser CVE-2018-6118 Ned Williamson discovered a use-after-free issue CVE-2018-6120 Zhou Aiting discovered a buffer overflow issue in the pdfium library CVE-2018-6121 It was discovered that malicious extensions could escalate privileges CVE-2018-6122 A type confu ...

A use-after-free vulnerability has been found in the Media Cache component of the chromium browser before 6603359139 ...

CWE-416 https://crbug.com/831963 https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop_26.html https://access.redhat.com/errata/RHSA-2018:1321 https://nvd.nist.gov https://www.debian.org/security/./dsa-4237

CVE-2018-6118

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect