CVE-2018-6090

CVE-2018-6090

Name

CVE-2018-6090

Description

An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

NVD Severity

high

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Issue Tracking	https://crbug.com/820913
Release Notes	https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html
Third Party Advisory	https://www.debian.org/security/2018/dsa-4182
Third Party Advisory	https://security.gentoo.org/glsa/201804-22
Third Party Advisory	https://access.redhat.com/errata/RHSA-2018:1195
VDB Entry	http://www.securityfocus.com/bid/103917

Type

URI

Issue Tracking

https://crbug.com/820913

Release Notes

https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html

Third Party Advisory

https://www.debian.org/security/2018/dsa-4182

Third Party Advisory

https://security.gentoo.org/glsa/201804-22

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:1195