CVE-2022-4135

Description from NVD

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Information Acquisition Date:2022-11-30T19:36Z

CVSS 2.0: 0.0 None CVSS 3.x: 9.6 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchanged	Changed
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

NVD References

https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_24.html
source:MISC
tags:Release Notes Vendor Advisory

https://crbug.com/1392715
source:MISC
tags:Permissions Required

Description from Forti

Security Update 2022-11-24 from Google Chrome

Information Acquisition Date:2022/11/27

Affected Products

Impact

Recommended Actions

References

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag: Chrome(1 tweets)

List of frequently cited URLs

URL	Num of Times Referred to
https://cvetrends.com	51
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2...	5
http://SecurityWeek.Com	4
https://kev.kokumoto.com/	4
https://www.bleepingcomputer.com/news/security/google-pushe...	4
https://googleprojectzero.github.io/0days-in-the-wild//0day...	4
https://chromereleases.googleblog.com/2022/11/stable-channe...	4
https://cve.report/CVE-2022-4135	3
https://twitter.com/USCERT_gov/status/1597349938358362113	3
https://thehackernews.com/2022/11/update-chrome-browser-now...	3
https://securityonline.info/cve-2022-4135-new-zero-day-vuln...	3

Information from Twitter

User	URL	Info Source	Date
blackorbird	https://blog.google/threat-analysis-group/spyware-vendors-u...	Source blackorbird 1641814397185331200	2023/03/31
blackorbird	https://twitter.com/blackorbird/status/1641814397185331200/...	Source blackorbird 1641814397185331200	2023/03/31

List of frequently cited URLs

URL	Num of Times Referred to
cvetrends.com	51
msrc.microsoft.com	5
SecurityWeek.Com	4
kev.kokumoto.com	4
www.bleepingcomputer.com	4
googleprojectzero.github.io	4
chromereleases.googleblog.com	4
cve.report	3
twitter.com	3
thehackernews.com	3
securityonline.info	3

Information from Twitter

User	URL	Info Source
blackorbird	blog.google	Show Tweet
blackorbird	twitter.com	Show Tweet

GitHub Search Results: Up to 10

Name	URL
Cr4ckC4t/cve-2022-41352-zimbra-rce	https://github.com/Cr4ckC4t/cve-2022-41352-zimbra-rce
segfault-it/cve-2022-41352	https://github.com/segfault-it/cve-2022-41352
thecasual/CVE-2022-41358	https://github.com/thecasual/CVE-2022-41358
aryrz/cve-2022-41352-zimbra-rce	https://github.com/aryrz/cve-2022-41352-zimbra-rce

GitHub Search Results: Up to 10

Name	URL
Cr4ckC4t/cve-2022-41352-zimbra-rce	github.com
segfault-it/cve-2022-41352	github.com
thecasual/CVE-2022-41358	github.com
aryrz/cve-2022-41352-zimbra-rce	github.com

2023/04/01 Score : 0
Added Har-sia Database : 2022/11/25
Last Modified : 2023/04/01
Highest Scored Date : 2022/11/25
Highest Score : 64