![]() ![]() Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.Microsoft Edge, your AI-powered browser, with Copilot built in to enhance your browsing experience. (Chromium security severity: High) (CVE-2023-5217) Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 1.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-5187) Use after free in Extensions in Google Chrome prior to 1.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-5186) Use after free in Passwords in Google Chrome prior to 1.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. There exists a use after free/double free in libwebp. It is, therefore, affected by multiple vulnerabilities as referenced in the Septemadvisory. The version of Microsoft Edge installed on the remote Windows host is prior to 1.98 / 1.47.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |