CVE-2022-0310 Heap buffer overflow in Task Manager in Chrome prior to 97.0.4692.99 allowed a remote attacker to exploit heap corruption.

CVE-2022-0310 Heap buffer overflow in Task Manager in Chrome prior to 97.0.4692.99 allowed a remote attacker to exploit heap corruption.

On the Task Manager page, the “High Memory” column sometimes did not display properly. This issue was addressed by updating Task Manager to version 97.0.4692.99. Note that ESET does not consider this issue to be high severity, as it does not allow attackers to perform remote code execution. A heap buffer overflow was found in Task Manager in Google Chrome prior to 97.0.4692.99. If a user were to open a malicious website or visit a compromised or malicious website, it was possible that a remote attacker could exploit this vulnerability to potentially execute arbitrary code with the user’s privileges. On the Task Manager page, the “High Memory” column sometimes did not display properly. This issue was addressed by updating Task Manager to version 97.0.4692.99. Note that ESET does not consider this issue to be high severity, as it does not allow attackers to perform remote code execution. A heap buffer overflow was found in Task Manager in Google Chrome prior to 97.0.4692.99. If a user were to open a malicious website or visit a compromised or malicious website, it was possible that a remote attacker could exploit this vulnerability to potentially execute arbitrary code with the user’s privileges. On the Task Manager page, it was possible for users to set the “High Memory” column to a value that was larger than the amount of memory installed on the system, which could result in the

Internet Explorer

Internet Explorer was affected by a stack-based buffer overflow vulnerability. The vulnerability is triggered when Internet Explorer attempts to access memory that is not allocated for it. An attacker could exploit this vulnerability by convincing a user to visit a malicious website or open a malicious file, resulting in remote code execution with the privileges of the current user.

Microsoft Edge

Memory Leak
In Microsoft Edge prior to version 18.0.1025.162, an exploitable memory leak was found in the handling of style objects. An attacker could potentially exploit this vulnerability to obtain sensitive information from another site or service running on the local system. On the Task Manager page, it was possible for users to set the “High Memory” column to a value that was larger than the amount of memory installed on the system, which could result in a crash of Microsoft Edge and restarting with no user interaction. This issue was addressed by updating Microsoft Edge to version 18.0.1025.162.

Vulnerable versions of Google Chrome

On the Task Manager page, it was possible for users to set the “High Memory” column to a value that was larger than the amount of memory installed on the system, which could result in the depletion of available memory. On the Task Manager page, it was possible for users to set the “High Memory” column to a value that was larger than the amount of memory installed on the system, which could result in the depletion of available memory.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe