CVE-2023-4863 – Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-4863
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) El desbordamiento del búfer de memoria en libwebp en Google Chrome anterior a 116.0.5845.187 y libwebp 1.3.2 permitía a un atacante remoto realizar una escritura en memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chromium: crítica) A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library. Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. • https://github.com/alsaeroth/CVE-2023-4863-POC https://github.com/mistymntncop/CVE-2023-4863 https://github.com/LiveOverflow/webp-CVE-2023-4863 https://github.com/bbaranoff/CVE-2023-4863 https://github.com/talbeerysec/BAD-WEBP-CVE-2023-4863 https://github.com/huiwen-yayaya/CVE-2023-4863 https://github.com/CrackerCat/CVE-2023-4863- https://github.com/sarsaeroth/CVE-2023-4863-POC http://www.openwall.com/lists/oss-security/2023/09/21/4 http://www.openwall.com/list • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •