Unrated severityNVD Advisory· Published Jun 27, 2019· Updated Aug 5, 2024
CVE-2018-6156
CVE-2018-6156
Description
Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
Affected products
5- osv-coords3 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed
< 93.0.4577.82-1.1+ 2 more
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 92.0-1.2
Patches
Vulnerability mechanics
References
3- usn.ubuntu.com/4165-1/mitrevendor-advisoryx_refsource_UBUNTU
- chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.htmlmitrex_refsource_MISC
- crbug.com/841962mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.