CVE-2018-6056 - OpenCVE

Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Google	Chrome
Debian	Debian Linux
Redhat	Enterprise Linux Desktop Enterprise Linux Workstation Enterprise Linux Server

Configuration 1 [-]

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

References

Link	Resource
http://www.securityfocus.com/bid/103003
https://access.redhat.com/errata/RHSA-2018:0334
https://chromereleases.googleblog.com/2018/02/stable-channel-update-for-desktop_13.html
https://crbug.com/806388
https://www.debian.org/security/2018/dsa-4182

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Chrome

Published: 2019-01-09T19:00:00

Updated: 2019-01-10T10:57:01

Reserved: 2018-01-23T00:00:00

Link: CVE-2018-6056

JSON object: View

NVD Information

Status : Modified

Published: 2019-01-09T19:29:03.713

Modified: 2023-11-07T02:59:03.480

Link: CVE-2018-6056

JSON object: View

Redhat Information

No data.

CWE

CWE-704

{"containers": {"cna": {"affected": [{"product": "Chrome", "vendor": "Google", "versions": [{"lessThan": "64.0.3282.168", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2019-01-09T00:00:00", "descriptions": [{"lang": "en", "value": "Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page."}], "problemTypes": [{"descriptions": [{"description": "Type Confusion", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-01-10T10:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://crbug.com/806388"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://chromereleases.googleblog.com/2018/02/stable-channel-update-for-desktop_13.html"}, {"name": "103003", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/103003"}, {"name": "RHSA-2018:0334", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:0334"}, {"name": "DSA-4182", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4182"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2018-6056", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_affected": "<", "version_value": "64.0.3282.168"}]}}]}, "vendor_name": "Google"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Type Confusion"}]}]}, "references": {"reference_data": [{"name": "https://crbug.com/806388", "refsource": "MISC", "url": "https://crbug.com/806388"}, {"name": "https://chromereleases.googleblog.com/2018/02/stable-channel-update-for-desktop_13.html", "refsource": "CONFIRM", "url": "https://chromereleases.googleblog.com/2018/02/stable-channel-update-for-desktop_13.html"}, {"name": "103003", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103003"}, {"name": "RHSA-2018:0334", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0334"}, {"name": "DSA-4182", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4182"}]}}}}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2018-6056", "datePublished": "2019-01-09T19:00:00", "dateReserved": "2018-01-23T00:00:00", "dateUpdated": "2019-01-10T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "2ED97BC3-8C0B-4729-BDF8-0ACDFBE1F943", "versionEndExcluding": "64.0.3282.168", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page."}, {"lang": "es", "value": "Una confusi\u00f3n de tipos podr\u00eda conducir a una escritura fuera de l\u00edmites en V8 en Google Chrome, en versiones anteriores a la 64.0.3282.168, lo que permite que un atacante remoto ejecute c\u00f3digo arbitrario dentro de un sandbox mediante una p\u00e1gina HTML manipulada."}], "id": "CVE-2018-6056", "lastModified": "2023-11-07T02:59:03.480", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-01-09T19:29:03.713", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://www.securityfocus.com/bid/103003"}, {"source": "chrome-cve-admin@google.com", "url": "https://access.redhat.com/errata/RHSA-2018:0334"}, {"source": "chrome-cve-admin@google.com", "url": "https://chromereleases.googleblog.com/2018/02/stable-channel-update-for-desktop_13.html"}, {"source": "chrome-cve-admin@google.com", "url": "https://crbug.com/806388"}, {"source": "chrome-cve-admin@google.com", "url": "https://www.debian.org/security/2018/dsa-4182"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-704"}], "source": "nvd@nist.gov", "type": "Primary"}]}