CVE-2018-17462 – chromium-browser: Sandbox escape in AppCache
https://notcve.org/view.php?id=CVE-2018-17462
Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page. Conteo de referencias incorrecto en AppCache en Google Chrome en versiones anteriores a la 70.0.3538.67 permitía que un atacante remoto realizase un escape del sandbox mediante una página HTML manipulada. • http://www.securityfocus.com/bid/105666 https://access.redhat.com/errata/RHSA-2018:3004 https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html https://crbug.com/888926 https://security.gentoo.org/glsa/201811-10 https://www.debian.org/security/2018/dsa-4330 https://access.redhat.com/security/cve/CVE-2018-17462 https://bugzilla.redhat.com/show_bug.cgi?id=1640098 • CWE-416: Use After Free •
CVE-2018-17470 – chromium-browser: Memory corruption in GPU Internals
https://notcve.org/view.php?id=CVE-2018-17470
A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un desbordamiento de búfer basado en memoria dinámica (heap) en GPU en Google Chrome, en versiones anteriores a la 70.0.3538.67, permitía que un atacante remoto, que hubiese comprometido el proceso renderer, pudiese escapar del sandbox mediante una página HTML manipulada. • http://www.securityfocus.com/bid/105666 https://access.redhat.com/errata/RHSA-2018:3004 https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html https://crbug.com/877874 https://security.gentoo.org/glsa/201811-10 https://www.debian.org/security/2018/dsa-4330 https://access.redhat.com/security/cve/CVE-2018-17470 https://bugzilla.redhat.com/show_bug.cgi?id=1640106 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-18603
https://notcve.org/view.php?id=CVE-2018-18603
360 Total Security 3.5.0.1033 allows a Sandbox Escape via an "import os" statement, followed by os.system("CMD") or os.system("PowerShell"), within a .py file. NOTE: the vendor's position is that this cannot be categorized as a vulnerability, although it is a security-related issue ** EN DISPUTA ** 360 Total Security 3.5.0.1033 permite el escape del sandbox mediante una instrucción "import os", seguida por os.system ("CMD") u os.system("PowerShell"), en un archivo .py. • https://exchange.xforce.ibmcloud.com/vulnerabilities/151867 https://github.com/sandboxescape/360-3.5.0.1033-Sandbox-Escape-Exploit •
CVE-2018-8469 – Microsoft Edge - Sandbox Escape
https://notcve.org/view.php?id=CVE-2018-8469
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." ... Existe una vulnerabilidad de elevación de privilegios en Microsoft Edge que podría permitir que un atacante escape del sandbox AppContainer en el navegador. ... Microsoft Edge suffers from a sandbox escape vulnerability. • https://www.exploit-db.com/exploits/45502 http://www.securityfocus.com/bid/105263 http://www.securitytracker.com/id/1041623 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8469 •
CVE-2018-8463 – Microsoft Edge - Sandbox Escape
https://notcve.org/view.php?id=CVE-2018-8463
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." ... Existe una vulnerabilidad de elevación de privilegios en Microsoft Edge que podría permitir que un atacante escape del sandbox AppContainer en el navegador. ... Microsoft Edge suffers from a sandbox escape vulnerability. • https://www.exploit-db.com/exploits/45502 http://www.securityfocus.com/bid/105260 http://www.securitytracker.com/id/1041623 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8463 •