Base Score

HIGH8.8

CVE-2017-5122

Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page.

VectorNETWORK

Published Bychrome-cve-admin@google.com

Published DateOct 27, 2017, 05:29

Weakness Type (CWE):CWE-119

CVSS Metrics

Base Score

8.8

Vector String

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Severity

HIGH

Version

3.0

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH

References

http://www.debian.org/security/2017/dsa-3985
http://www.securityfocus.com/bid/100947
http://www.securitytracker.com/id/1039497
https://access.redhat.com/errata/RHSA-2017:2792
https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html
https://crbug.com/752423
https://security.gentoo.org/glsa/201709-25

Base Score

HIGH8.8

Weakness Type (CWE):CWE-119

CVSS Metrics

Base Score

8.8

Vector String

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Severity

HIGH

Version

3.0

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH