Published: 09/01/2019 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

A precision error in Skia in Google Chrome before 67.0.3396.62 allowed a remote malicious user to perform an out of bounds memory write via a crafted HTML page.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome
debian debian linux 8.0
debian debian linux 9.0
redhat enterprise linux desktop 6.0
redhat enterprise linux server 6.0
redhat enterprise linux workstation 6.0

Firefox could be made to crash or run programs as your login if it opened a malicious website ...

Synopsis Important: chromium-browser security update Type/Severity Security Advisory: Important Topic An update for chromium-browser is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...

Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...

Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...

Ivan Fratric discovered a buffer overflow in the Skia graphics library used by Firefox, which could result in the execution of arbitrary code For the oldstable distribution (jessie), this problem has been fixed in version 5281esr-1~deb8u1 For the stable distribution (stretch), this problem has been fixed in version 5281esr-1~deb9u1 We recomm ...

Several vulnerabilities have been discovered in the chromium web browser CVE-2018-6118 Ned Williamson discovered a use-after-free issue CVE-2018-6120 Zhou Aiting discovered a buffer overflow issue in the pdfium library CVE-2018-6121 It was discovered that malicious extensions could escalate privileges CVE-2018-6122 A type confu ...

Mozilla Foundation Security Advisory 2018-14 Security vulnerabilities fixed in Firefox 6002, ESR 6002, and ESR 5281 Announced June 6, 2018 Impact critical Products Firefox, Firefox ESR Fixed in Fi ...

A precision error in Skia in Google Chrome prior to 670339662 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page ...

A heap-based buffer overflow has been found in the Skia component of the Firefox browser before 6002, when rasterizing paths using a maliciously crafted SVG file with anti-aliasing turned off ...

There is a heap overflow in Skia when drawing paths with antialiasing turned off This issue can be triggered in both Google Chrom and Mozilla Firefox by rendering a specially crafted SVG image PoCs for both browsers are attached Details: When Skia fills a path with antialiasing turned off, SkScan::FillPath gets called cschromiumorg/ ...

CWE-787 https://security.gentoo.org/glsa/201810-01 http://www.securityfocus.com/bid/104411 http://www.securityfocus.com/bid/104309 https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html https://access.redhat.com/errata/RHSA-2018:2112 http://www.securitytracker.com/id/1041014 https://access.redhat.com/errata/RHSA-2018:1815 https://access.redhat.com/errata/RHSA-2018:2113 http://www.securitytracker.com/id/1041046 https://www.debian.org/security/2018/dsa-4220 https://www.exploit-db.com/exploits/45098/https://crbug.com/844457 https://www.debian.org/security/2018/dsa-4237 https://usn.ubuntu.com/3682-1/https://nvd.nist.gov https://www.exploit-db.com/exploits/45098/

CVE-2018-6126

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect