CVE-2022-0096 An attacker in Google Chrome before 97.0.4692.71 could exploit heap corruption after an AOF.

CVE-2022-0096 An attacker in Google Chrome before 97.0.4692.71 could exploit heap corruption after an AOF.

CVE Solution: Update to version 97.0.4689 or newer. An issue was discovered in certain configurations of Google Chrome prior to version 97.0.4692.71. Users were potentially vulnerable to an arbitrary code execution. It was discovered that a use after free issue existed in the Web Distributed JavaScript Engine (Djenga) in Web applications. The issue is due to a race condition when handling HTML tags. An attacker could leverage this vulnerability to potentially exploit heap corruption via a crafted HTML page. It was discovered that certain types of HTML tags were not handled properly by certain media elements in Web applications. An attacker could leverage this vulnerability to potentially exploit heap corruption via a crafted HTML page. CVE Solution: Update to version 97.0.4689 or newer. An issue was discovered in certain configurations of Google Chrome prior to version 97.0.4692.71. Users were potentially vulnerable to an arbitrary code execution. It was discovered that a use after free issue existed in the Web Distributed JavaScript Engine (Djenga) in Web applications. The issue is due to a race condition when handling HTML tags. An attacker could leverage this vulnerability to potentially exploit heap corruption via a crafted HTML page. CVE Solution: Update to version 97.0.4689 or newer. An issue was discovered in certain configurations of Google Chrome prior to version 97.0.4692.71. Users were potentially vulnerable to an arbitrary code execution

Summary

An issue was discovered in certain configurations of Google Chrome prior to version 97.0.4692.71. Users were potentially vulnerable to an arbitrary code execution. It was discovered that a use after free issue existed in the Web Distributed JavaScript Engine (Djenga) in Web applications. The issue is due to a race condition when handling HTML tags. An attacker could leverage this vulnerability to potentially exploit heap corruption via a crafted HTML page. CVE Solution: Update to version 97.0.4689 or newer. An issue was discovered in certain configurations of Google Chrome prior to version 97.0.4692.71

To make an impact online, you need great search engine optimization (SEO). To achieve this goal, businesses have many strategies they can use, but one strategy that stands out is using pictures in your ad campaigns on Facebook as people respond well to pictures and it's more likely for them to click through when they see something visually appealing than if they see text only

How do I know if my browser is vulnerable?

If you are using Google Chrome version 97.0.4692.71 or newer, then your browser is not vulnerable to the arbitrary code execution vulnerability.
The update will also protect against the heap corruption vulnerability in certain configurations of Web applications.
If you are using a version prior to 97.0.4692.71 on Google Chrome, then your browser is potentially vulnerable to either arbitrary code execution or heap corruption with malicious HTML tags.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe