Lucene search

K
attackerkbAttackerKBAKB:AABC230C-8ABF-4B60-A385-D07EE2CFABA2
HistorySep 28, 2023 - 12:00 a.m.

CVE-2023-5217

2023-09-2800:00:00
attackerkb.com
28
buffer overflow
vp8 encoding
libvpx
google chrome
heap corruption
html page
remote attacker
severity high

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.248

Percentile

96.7%

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Recent assessments:

Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0

References

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.248

Percentile

96.7%