CVE-2017-5113 - OpenCVE

Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Google	Chrome Android
Microsoft	Windows
Debian	Debian Linux
Redhat	Enterprise Linux Desktop Enterprise Linux Workstation Enterprise Linux Server
Linux	Linux Kernel
Apple	Macos

Configuration 1 [-]

AND

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:apple:macos:-:::::::*
	cpe:2.3:o:linux:linux_kernel:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 4 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

References

Link	Resource
http://www.debian.org/security/2017/dsa-3985
http://www.securityfocus.com/bid/100610
http://www.securitytracker.com/id/1039291
https://access.redhat.com/errata/RHSA-2017:2676
https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html
https://crbug.com/747043
https://security.gentoo.org/glsa/201709-15

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Chrome

Published: 2017-10-27T05:00:00

Updated: 2017-12-30T10:57:01

Reserved: 2017-01-02T00:00:00

Link: CVE-2017-5113

JSON object: View

NVD Information

Status : Modified

Published: 2017-10-27T05:29:02.363

Modified: 2023-11-07T02:49:11.543

Link: CVE-2017-5113

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"containers": {"cna": {"affected": [{"product": "Google Chrome prior to 61.0.3163.79 for Mac, Windows and Linux, and 61.0.3163.81 for Android", "vendor": "n/a", "versions": [{"status": "affected", "version": "Google Chrome prior to 61.0.3163.79 for Mac, Windows and Linux, and 61.0.3163.81 for Android"}]}], "datePublic": "2017-09-05T00:00:00", "descriptions": [{"lang": "en", "value": "Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."}], "problemTypes": [{"descriptions": [{"description": "Out of bounds write", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-30T10:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"name": "GLSA-201709-15", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201709-15"}, {"tags": ["x_refsource_MISC"], "url": "https://crbug.com/747043"}, {"name": "RHSA-2017:2676", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2676"}, {"name": "1039291", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039291"}, {"name": "100610", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/100610"}, {"name": "DSA-3985", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3985"}, {"tags": ["x_refsource_MISC"], "url": "https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2017-5113", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Google Chrome prior to 61.0.3163.79 for Mac, Windows and Linux, and 61.0.3163.81 for Android", "version": {"version_data": [{"version_value": "Google Chrome prior to 61.0.3163.79 for Mac, Windows and Linux, and 61.0.3163.81 for Android"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Out of bounds write"}]}]}, "references": {"reference_data": [{"name": "GLSA-201709-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201709-15"}, {"name": "https://crbug.com/747043", "refsource": "MISC", "url": "https://crbug.com/747043"}, {"name": "RHSA-2017:2676", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2676"}, {"name": "1039291", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039291"}, {"name": "100610", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100610"}, {"name": "DSA-3985", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3985"}, {"name": "https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html", "refsource": "MISC", "url": "https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html"}]}}}}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2017-5113", "datePublished": "2017-10-27T05:00:00", "dateReserved": "2017-01-02T00:00:00", "dateUpdated": "2017-12-30T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "B97D9FB8-01EE-43BC-A2F5-878995E75A9A", "versionEndExcluding": "61.0.3163.79", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EC32DC3-614B-43A4-B096-73D6D1AFEF99", "versionEndExcluding": "61.0.3163.81", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."}, {"lang": "es", "value": "Un desbordamiento aritm\u00e9tico en Skia en Google Chrome, en versiones anteriores a la 61.0.3163.79 para Mac, windows y Linux y a la 61.0.3163.81 para Android, permit\u00eda que un atacante remoto pudiese explotar una corrupci\u00f3n de la memoria din\u00e1mica (heap) mediante una p\u00e1gina HTML manipulada."}], "id": "CVE-2017-5113", "lastModified": "2023-11-07T02:49:11.543", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-27T05:29:02.363", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://www.debian.org/security/2017/dsa-3985"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.securityfocus.com/bid/100610"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.securitytracker.com/id/1039291"}, {"source": "chrome-cve-admin@google.com", "url": "https://access.redhat.com/errata/RHSA-2017:2676"}, {"source": "chrome-cve-admin@google.com", "url": "https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html"}, {"source": "chrome-cve-admin@google.com", "url": "https://crbug.com/747043"}, {"source": "chrome-cve-admin@google.com", "url": "https://security.gentoo.org/glsa/201709-15"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}