cvelistv5 - cve-2018-6058

CVE-2018-6058 (GCVE-0-2018-6058)

Vulnerability from cvelistv5

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11215. Reason: This candidate is a reservation duplicate of CVE-2017-11215. Notes: All CVE users should reference CVE-2017-11215 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2021-11-02T21:10:12",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11215. Reason: This candidate is a reservation duplicate of CVE-2017-11215. Notes: All CVE users should reference CVE-2017-11215 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2018-6058",
    "datePublished": "2021-11-02T21:10:12",
    "dateRejected": "2021-11-02T21:10:12",
    "dateReserved": "2018-01-23T00:00:00",
    "dateUpdated": "2021-11-02T21:10:12",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.0",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-6058\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2021-11-02T21:15:07.507\",\"lastModified\":\"2023-11-07T02:59:04.363\",\"vulnStatus\":\"Rejected\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11215. Reason: This candidate is a reservation duplicate of CVE-2017-11215. Notes: All CVE users should reference CVE-2017-11215 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage\"}],\"metrics\":{},\"references\":[]}}"
  }
}

cnvd-2018-09117

Vulnerability from cnvd

Title

Google Chrome Flash内存错误引用漏洞（CNVD-2018-09117）

Description

Google Chrome是美国谷歌（Google）公司开发的一款Web浏览器。Flash是其中的一个用于处理Flash的插件。 Google Chrome 65.0.3325.146之前版本中的Flash存在内存错误引用漏洞。目前没有详细的漏洞描述。

Severity

高

Patch Name

Google Chrome Flash内存错误引用漏洞（CNVD-2018-09117）的补丁

Patch Description

Google Chrome是美国谷歌（Google）公司开发的一款Web浏览器。Flash是其中的一个用于处理Flash的插件。 Google Chrome 65.0.3325.146之前版本中的Flash存在内存错误引用漏洞。目前没有详细的漏洞描述。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html

Reference

http://www.securityfocus.com/bid/103297

Impacted products

Name
Google Chrome <65.0.3325.146

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": [
      {
        "cveNumber": "CVE-2018-6058"
      },
      {
        "cveNumber": "103297"
      }
    ]
  },
  "description": "Google Chrome\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3eWeb\u6d4f\u89c8\u5668\u3002Flash\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7528\u4e8e\u5904\u7406Flash\u7684\u63d2\u4ef6\u3002\r\n\r\nGoogle Chrome 65.0.3325.146\u4e4b\u524d\u7248\u672c\u4e2d\u7684Flash\u5b58\u5728\u5185\u5b58\u9519\u8bef\u5f15\u7528\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u63cf\u8ff0\u3002",
  "discovererName": "JieZeng of Tencent Zhanlu, Omair, Guang Gong of Alpha Team, Gal Beniamini, lokihardt, Mark Brand, Masato Kinugawa, Williamson, Luan Herrera, Wanglu \u0026 Yangkang(@dnpushme), Atte Kettunen, Abdulrahman Alqabandi, Inti De Ceukelaire, Mateusz Krzeszowiec, Khalil",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-09117",
  "openTime": "2018-05-08",
  "patchDescription": "Google Chrome\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3eWeb\u6d4f\u89c8\u5668\u3002Flash\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7528\u4e8e\u5904\u7406Flash\u7684\u63d2\u4ef6\u3002\r\n\r\nGoogle Chrome 65.0.3325.146\u4e4b\u524d\u7248\u672c\u4e2d\u7684Flash\u5b58\u5728\u5185\u5b58\u9519\u8bef\u5f15\u7528\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u63cf\u8ff0\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google Chrome Flash\u5185\u5b58\u9519\u8bef\u5f15\u7528\u6f0f\u6d1e\uff08CNVD-2018-09117\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Google Chrome \u003c65.0.3325.146"
  },
  "referenceLink": "http://www.securityfocus.com/bid/103297",
  "serverity": "\u9ad8",
  "submitTime": "2018-04-11",
  "title": "Google Chrome Flash\u5185\u5b58\u9519\u8bef\u5f15\u7528\u6f0f\u6d1e\uff08CNVD-2018-09117\uff09"
}

gsd-2018-6058

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11215. Reason: This candidate is a reservation duplicate of CVE-2017-11215. Notes: All CVE users should reference CVE-2017-11215 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Aliases

CVE-2018-6058

Aliases

CVE-2018-6058

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-6058",
    "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11215. Reason: This candidate is a reservation duplicate of CVE-2017-11215. Notes: All CVE users should reference CVE-2017-11215 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
    "id": "GSD-2018-6058"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-6058"
      ],
      "details": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11215. Reason: This candidate is a reservation duplicate of CVE-2017-11215. Notes: All CVE users should reference CVE-2017-11215 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
      "id": "GSD-2018-6058",
      "modified": "2023-12-13T01:22:35.876094Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2018-6058",
        "STATE": "REJECT"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11215. Reason: This candidate is a reservation duplicate of CVE-2017-11215. Notes: All CVE users should reference CVE-2017-11215 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
          }
        ]
      }
    }
  }
}

fkie_cve-2018-6058

Vulnerability from fkie_nvd

Published

2021-11-02 21:15

Modified

2023-11-07 02:59

Severity ?

Summary

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11215. Reason: This candidate is a reservation duplicate of CVE-2017-11215. Notes: All CVE users should reference CVE-2017-11215 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

References

	URL	Tags

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11215. Reason: This candidate is a reservation duplicate of CVE-2017-11215. Notes: All CVE users should reference CVE-2017-11215 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage"
    }
  ],
  "id": "CVE-2018-6058",
  "lastModified": "2023-11-07T02:59:04.363",
  "metrics": {},
  "published": "2021-11-02T21:15:07.507",
  "references": [],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Rejected"
}

CERTFR-2018-AVI-113

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans Google Chrome et Chrome OS. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Google	Chrome	Chrome OS versions antérieures à 64.0.3282.190 / 64.0.3282.192
	Google	Chrome	Chrome versions antérieures à 65.0.3325.146

References

Title

Publication Time

Tags

Bulletin de sécurité Google Chrome du 06 mars 2018	None	vendor-advisory
Bulletin de sécurité Google Chrome OS du 06 mars 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Chrome OS versions ant\u00e9rieures \u00e0 64.0.3282.190 / 64.0.3282.192",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    },
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 65.0.3325.146",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-6075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6075"
    },
    {
      "name": "CVE-2018-6077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6077"
    },
    {
      "name": "CVE-2018-6072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6072"
    },
    {
      "name": "CVE-2018-6082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6082"
    },
    {
      "name": "CVE-2018-6071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6071"
    },
    {
      "name": "CVE-2018-6076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6076"
    },
    {
      "name": "CVE-2018-6067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6067"
    },
    {
      "name": "CVE-2018-6060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6060"
    },
    {
      "name": "CVE-2018-6064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6064"
    },
    {
      "name": "CVE-2018-6078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6078"
    },
    {
      "name": "CVE-2018-6065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6065"
    },
    {
      "name": "CVE-2018-6074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6074"
    },
    {
      "name": "CVE-2018-6066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6066"
    },
    {
      "name": "CVE-2018-6081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6081"
    },
    {
      "name": "CVE-2018-6068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6068"
    },
    {
      "name": "CVE-2018-6073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6073"
    },
    {
      "name": "CVE-2018-6079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6079"
    },
    {
      "name": "CVE-2018-6080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6080"
    },
    {
      "name": "CVE-2018-6059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6059"
    },
    {
      "name": "CVE-2018-6070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6070"
    },
    {
      "name": "CVE-2018-6063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6063"
    },
    {
      "name": "CVE-2018-6083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6083"
    },
    {
      "name": "CVE-2018-6069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6069"
    },
    {
      "name": "CVE-2018-6062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6062"
    },
    {
      "name": "CVE-2018-6057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6057"
    },
    {
      "name": "CVE-2018-6061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6061"
    },
    {
      "name": "CVE-2018-6058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6058"
    }
  ],
  "initial_release_date": "2018-03-07T00:00:00",
  "last_revision_date": "2018-03-07T00:00:00",
  "links": [],
  "reference": "CERTFR-2018-AVI-113",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-03-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Chrome et\nChrome OS. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un\ncontournement de la politique de s\u00e9curit\u00e9 et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome et Chrome OS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Google Chrome du 06 mars 2018",
      "url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed:+GoogleChromeReleases+(Google+Chrome+Releases)"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Google Chrome OS du 06 mars 2018",
      "url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-chrome-os.html?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed%3A+GoogleChromeReleases+%28Google+Chrome+Releases%29"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2018-6058 (GCVE-0-2018-6058)

Vulnerability from cvelistv5

cnvd-2018-09117

Vulnerability from cnvd

gsd-2018-6058

Vulnerability from gsd

fkie_cve-2018-6058

Vulnerability from fkie_nvd

CERTFR-2018-AVI-113

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature