CVE-2022-0456 An after free vulnerability in Google Chrome Web Search allowed a remote attacker to exploit heap corruption.

CVE-2022-0456 An after free vulnerability in Google Chrome Web Search allowed a remote attacker to exploit heap corruption.

CVE-2018-6035 Mitigation: Google Chrome prior to 98.0.4513.0 and Google WebView prior to 74.361.0 allowed a remote attacker to potentially exploit heap corruption via a malformed PDF file.

CVE-2018-6034 Mitigation: Google Chrome prior to 98.0.4513.0 and Google WebView prior to 74.361.0 allowed a remote attacker to potentially exploit heap corruption via a malformed WebP file.

CVE-2018-6033 Mitigation: Google Chrome prior to 98.0.4513.0 and Google WebView prior to 74.361.0 allowed a remote attacker to potentially exploit heap corruption via a malformed XMP file.

CVE-2018-6032 Mitigation: Google Chrome prior to 98.0.4513.0 and Google WebView prior to 74.361.0 allowed a remote attacker to potentially exploit heap corruption via a malformed PDF file.

CVE-2018-6031 Mitigation: Google Chrome prior to 98.0.4513.0 and Google WebView prior to 74.361.0 allowed a remote attacker to potentially exploit heap corruption via a malformed XSAM file.

CVE-2018-6030 Mitigation: Google Chrome prior to 98.0.4513.0 and Google WebView prior to 74.361.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Android Trusted Execution Policy

The Android Trusted Execution Policy is a mechanism that Google introduced in January 2017 as a way to mitigate the effects of Spectre and Meltdown. It provides protections against branch target injection attacks, which are commonly used to attack CPU vulnerabilities like Spectre and Meltdown.

Google Chrome prior to 98.0.4513.0 and Google WebView prior to 74.361.0 allowed a remote attacker to potentially exploit heap corruption via a malformed PDF file, which could lead to arbitrary code execution with privileges of the process.

Some parts of this page are encrypted but are incorrect .

This is a nice easy-to-read blog post about the four vulnerabilities in Google Chrome. It outlines how these vulnerabilities are mitigated and provides links where possible.

What is Adobe Acrobat?

Adobe PDF is an acronym for Portable Document Format. It’s a file format used primarily for documents in electronic form who are intended to be read on-screen, printed, or otherwise viewed and manipulated by software programs.

Adobe Acrobat offers many features to make it easy to create a file of any size, add text or graphics, and convert a document into different formats. The program can also keep track of changes over time and display them when the user returns to the document.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe