VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-mnxa-vm7f-aaaa

Essentials
Severities (142)
References (79)
Severity details (93)
Exploits (2)
EPSS
History (0)

Vulnerability ID	VCID-mnxa-vm7f-aaaa
Aliases	CVE-2018-6065
Summary	Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Status	Published
Exploitability	2.0
Weighted Severity	8.0
Risk	10.0
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-787	Out-of-bounds Write
CWE-190	Integer Overflow or Wraparound

System	Score	Found at
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6065.html
cvssv3.1	8.8	https://access.redhat.com/errata/RHSA-2018:0484
cvssv3.1	8.8	https://access.redhat.com/errata/RHSA-2018:0484
ssvc	Attend	https://access.redhat.com/errata/RHSA-2018:0484
ssvc	Attend	https://access.redhat.com/errata/RHSA-2018:0484
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6065.json
epss	0.87293	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.87293	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.8776	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.87862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.87862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.87876	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88862	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88889	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88889	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88889	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.88889	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89062	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89216	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89465	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89465	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89465	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89465	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89465	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89465	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89557	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89557	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89557	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89557	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89557	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.89557	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.96405	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.96405	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.96458	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.96458	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.96458	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.96458	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.96458	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.96458	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.96552	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.96577	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.96577	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
epss	0.96577	https://api.first.org/data/v1/epss?cve=CVE-2018-6065
rhbs	high	https://bugzilla.redhat.com/show_bug.cgi?id=1552482
cvssv3.1	8.8	https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html
cvssv3.1	8.8	https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html
generic_textual	Medium	https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html
ssvc	Attend	https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html
ssvc	Attend	https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html
cvssv3.1	8.8	https://crbug.com/808192
cvssv3.1	8.8	https://crbug.com/808192
ssvc	Attend	https://crbug.com/808192
ssvc	Attend	https://crbug.com/808192
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6056
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6057
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6060
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6061
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6062
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6063
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6064
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6065
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6066
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6067
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6068
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6069
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6070
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6071
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6072
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6073
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6074
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6075
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6076
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6077
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6078
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6079
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6080
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6081
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6082
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6083
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6085
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6086
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6087
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6088
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6089
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6090
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6091
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6092
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6093
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6094
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6095
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6096
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6097
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6098
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6099
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6100
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6101
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6102
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6103
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6104
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6105
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6106
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6107
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6108
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6109
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6110
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6111
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6112
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6113
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6114
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6116
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6117
cvssv2	6.8	https://nvd.nist.gov/vuln/detail/CVE-2018-6065
cvssv3	8.8	https://nvd.nist.gov/vuln/detail/CVE-2018-6065
cvssv3	8.8	https://nvd.nist.gov/vuln/detail/CVE-2018-6065
cvssv3.1	8.8	https://nvd.nist.gov/vuln/detail/CVE-2018-6065
cvssv3.1	8.8	https://www.debian.org/security/2018/dsa-4182
cvssv3.1	8.8	https://www.debian.org/security/2018/dsa-4182
ssvc	Attend	https://www.debian.org/security/2018/dsa-4182
ssvc	Attend	https://www.debian.org/security/2018/dsa-4182
cvssv3.1	8.8	https://www.exploit-db.com/exploits/44584/
cvssv3.1	8.8	https://www.exploit-db.com/exploits/44584/
ssvc	Attend	https://www.exploit-db.com/exploits/44584/
ssvc	Attend	https://www.exploit-db.com/exploits/44584/
cvssv3.1	8.8	https://www.zerodayinitiative.com/advisories/ZDI-19-367/
cvssv3.1	8.8	https://www.zerodayinitiative.com/advisories/ZDI-19-367/
ssvc	Attend	https://www.zerodayinitiative.com/advisories/ZDI-19-367/
ssvc	Attend	https://www.zerodayinitiative.com/advisories/ZDI-19-367/
cvssv3.1	8.8	http://www.securityfocus.com/bid/103297
cvssv3.1	8.8	http://www.securityfocus.com/bid/103297
ssvc	Attend	http://www.securityfocus.com/bid/103297
ssvc	Attend	http://www.securityfocus.com/bid/103297

Reference id	Reference type	URL
		http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6065.html
		https://access.redhat.com/errata/RHSA-2018:0484
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6065.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-6065
		https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html
		https://crbug.com/808192
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6056
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6057
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6060
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6061
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6062
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6063
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6064
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6065
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6066
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6067
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6068
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6069
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6070
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6071
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6072
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6073
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6074
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6075
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6076
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6077
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6078
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6079
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6080
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6081
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6082
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6083
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6085
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6086
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6087
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6088
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6089
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6090
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6091
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6092
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6093
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6094
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6095
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6096
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6097
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6098
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6099
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6100
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6101
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6102
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6103
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6104
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6105
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6106
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6107
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6108
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6109
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6110
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6111
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6112
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6113
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6114
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6116
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6117
		https://www.debian.org/security/2018/dsa-4182
		https://www.exploit-db.com/exploits/44584/
		https://www.zerodayinitiative.com/advisories/ZDI-19-367/
		http://www.securityfocus.com/bid/103297
1552482		https://bugzilla.redhat.com/show_bug.cgi?id=1552482
cpe:2.3:a:google:chrome::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
cpe:2.3:a:mi:mi6_browser:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mi:mi6_browser:-:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
CVE-2018-6065	Exploit	https://bugs.chromium.org/p/project-zero/issues/detail?id=1526
CVE-2018-6065	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/44584.txt
CVE-2018-6065		https://nvd.nist.gov/vuln/detail/CVE-2018-6065
GLSA-201803-05		https://security.gentoo.org/glsa/201803-05

Data source	Exploit-DB
Date added	May 4, 2018
Description	Google Chrome V8 - Object Allocation Size Integer Overflow
Ransomware campaign use	Known
Source publication date	May 4, 2018
Exploit type	remote
Platform	multiple
Source update date	May 4, 2018
Source URL	https://bugs.chromium.org/p/project-zero/issues/detail?id=1526

Data source	KEV
Date added	June 8, 2022
Description	Google Chromium V8 Engine contains an integer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required action	Apply updates per vendor instructions.
Due date	June 22, 2022
Note	https://nvd.nist.gov/vuln/detail/CVE-2018-6065
Ransomware campaign use	Unknown

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHSA-2018:0484

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHSA-2018:0484

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:16:27Z/ Found at https://access.redhat.com/errata/RHSA-2018:0484

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6065.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:16:27Z/ Found at https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://crbug.com/808192

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://crbug.com/808192

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:16:27Z/ Found at https://crbug.com/808192

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2018-6065

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2018-6065

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2018-6065

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2018-6065

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2018/dsa-4182

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2018/dsa-4182

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:16:27Z/ Found at https://www.debian.org/security/2018/dsa-4182

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.exploit-db.com/exploits/44584/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.exploit-db.com/exploits/44584/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:16:27Z/ Found at https://www.exploit-db.com/exploits/44584/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.zerodayinitiative.com/advisories/ZDI-19-367/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.zerodayinitiative.com/advisories/ZDI-19-367/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:16:27Z/ Found at https://www.zerodayinitiative.com/advisories/ZDI-19-367/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.securityfocus.com/bid/103297

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.securityfocus.com/bid/103297

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:16:27Z/ Found at http://www.securityfocus.com/bid/103297

Exploit Prediction Scoring System (EPSS)

Percentile	0.99406
EPSS Score	0.87293
Published At	May 1, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.