Main Vulnerability Database Vulnerabilities #VU58549

Integer underflow in Google Chromium - CVE-2021-4066

Published: December 6, 2021 / Updated: December 10, 2021

Vulnerability identifier: #VU58549

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2021-4066

CWE-ID: CWE-191

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
Google Chromium

Detailed vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer underflow. A remote attacker can send a specially crafted request to the affected application, trigger integer underflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

How to mitigate CVE-2021-4066

Update to version 96.0.4664.93.

Integer underflow in Google Chromium - CVE-2021-4066

Detailed vulnerability description

How to mitigate CVE-2021-4066

Sources

Please verify you're human