Main Vulnerability Database Exploits ID:8949 - Exploit for Type Confusion in Google Chrome - CVE-2018-17463

ID:8949 - Exploit for Type Confusion in Google Chrome - CVE-2018-17463

Published: March 29, 2023

Vulnerability identifier: #VU15469

Vulnerability risk: High

CVE-ID: CVE-2018-17463

CWE-ID: CWE-843

Exploitation vector: Remote access

Vulnerable software:
Google Chrome

Link to public exploit:

https://github.com/jhalon/CVE-2018-17463

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a type confusion error when processing HTML content in Google Chromes JIT compiler. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger a type confusion error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Update to version 70.0.3538.67.

ID:8949 - Exploit for Type Confusion in Google Chrome - CVE-2018-17463

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human