CVE-2022-0105 An attacker could exploit heap corruption in Google Chrome before 97.0.4692.71 to gain access to user data.

CVE-2022-0105 An attacker could exploit heap corruption in Google Chrome before 97.0.4692.71 to gain access to user data.

This issue was addressed by updating Google Chrome to version 97.0.4692.75. CVE-2017-15411 In Google Chrome prior to version 74.0.3729.169, a user could open multiple tabs and navigate to different sites as each tab was still being loaded in memory. This allowed remote attackers to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15412 In Google Chrome prior to version 74.0.3729.169, multiple instances of a “Cross-Origin Read Blocked” error could be observed in the Developer Tools profiler. This occurred when opening a page with an XMLHttpRequest on the same domain and subdomain as the Developer Tools profiler. This allowed remote attackers to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15413 When launching media content in Google Chrome prior to version 74.0.3729.131, the media player would occasionally cause a crash. This occurred when rendering a remote video, audio, or plugin content. This allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15414 When launching media content in Google Chrome prior to version 74.0.3729.131, the media player would occasionally cause a crash. This occurred when a remote media plugin caused an unmapped memory access. This allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15415 In Google Chrome prior

^ ii to version 74.0.3729.131, a remote attacker could potentially exploit heap corruption via a crafted HTML page.

The fix for this issue is updating Google Chrome to version 74.0.3729.169

Mitigation and Detection

This issue was addressed by updating Google Chrome to version 74.0.3729.131. CVE-2017-15416 In Google Chrome prior to version 74.0.3729.131, a user could open multiple tabs and navigate to different sites as each tab was still being loaded in memory. This allowed remote attackers to potentially exploit heap corruption via a crafted HTML page.
Word count: 684

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe