all InfoSec news
Google Chrome WebRTC Heap buffer overflow (CVE-2023-7024)
Dec. 27, 2023, 7:41 p.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
A zero-day vulnerability in Google Chrome is actively exploited in the wild. The vulnerability is a Heap buffer overflow issue in the open-source WebRTC framework. Many other web browsers, such as Mozilla Firefox, Safari, and Microsoft Edge, also use the WebRTC framework to provide Real-Time Communications (RTC) capabilities. A successful exploitation of the vulnerability via a crafted HTML page could allow an attacker to execute arbitrary code on the affected system.
What is the Vendor Solution? …
actively exploited browsers buffer buffer overflow capabilities chrome communications cve cve-2023-7024 edge exploited firefox framework google google chrome heap buffer overflow issue microsoft microsoft edge mozilla mozilla firefox overflow real rtc safari vulnerability web web browsers webrtc what is zero-day zero-day vulnerability
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
Tinyproxy use-after-free Vulnerability (CVE-2023-49606)
1 week, 2 days ago |
fortiguard.fortinet.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Security Operations Manager-West Coast
@ The Walt Disney Company | USA - CA - 2500 Broadway Street
Vulnerability Analyst - Remote (WFH)
@ Cognitive Medical Systems | Phoenix, AZ, US | Oak Ridge, TN, US | Austin, TX, US | Oregon, US | Austin, TX, US
Senior Mainframe Security Administrator
@ Danske Bank | Copenhagen V, Denmark