Lucene search

RedosROS-20240927-02

HistorySep 27, 2024 - 12:00 a.m.

ROS-20240927-02

2024-09-2700:00:00

redos.red-soft.ru

google chrome

user interface

vulnerability

heap buffer overflow

exploitation

crafted files

remote attacker

html

pdf

information corruption

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

Low

JSON

A vulnerability in the Google Chrome browser is related to the execution of certain user interface gestures
Exploitation of the vulnerability could allow an attacker acting remotely to perform a spoofed
the user interface using a specially crafted HTML page

A vulnerability in Google Chrome browser is related to a heap buffer overflow. Exploitation of the vulnerability could
allow an attacker acting remotely to exploit the heap corruption using a specially
specially crafted PDF file

A vulnerability in the Google Chrome browser is related to the corruption of important information in the user interface.
Exploitation of the vulnerability could allow an attacker acting remotely to spoof the
the user interface using a specially crafted HTML page

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64chromium< 124.0.6367.78-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
redos	7.3	x86_64	chromium	< 124.0.6367.78-1	UNKNOWN

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

Low

JSON

Related for ROS-20240927-02