当前位置:网站首页>Google发布安全更新,修复Chrome中已被利用的0 day
Google发布安全更新,修复Chrome中已被利用的0 day
2022-07-06 17:38:00 【千里ZLP】
本次漏洞
组件介绍
Google Chrome 是全球主流的免费浏览器之一,用户群体广泛,具有快速、高效、安全等特点。
漏洞简介
7月4日,Google发布为Windows用户发布Chrome 103.0.5060.114,修复了2022年Chrome中的第4个0 day。该漏洞是WebRTC(Web实时通信)组件中基于堆的缓冲区溢出漏洞(CVE-2022-2294),由Avast的研究团队于7月1日披露。Google透露该漏洞已被在野利用,但并未公开关于攻击的技术细节等信息。
攻击者可利用该漏洞,构造恶意数据造成缓冲区溢出攻击,并执行远程代码。
影响范围
目前受影响的 Google Chrome 版本:
- Google Chrome Desktop < 103.0.5060.114
- Google Chrome Extended <
边栏推荐
- C language - array
- NEON优化:关于交叉存取与反向交叉存取
- 【信号与系统】
- 分享一个通用的so动态库的编译方法
- "Exquisite store manager" youth entrepreneurship incubation camp - the first phase of Shunde market has been successfully completed!
- [Niuke] b-complete square
- Atomic in golang and CAS operations
- AI 从代码中自动生成注释文档
- taro3.*中使用 dva 入门级别的哦
- Openjudge noi 1.7 10: simple password
猜你喜欢
云呐-工单管理制度及流程,工单管理规范
go-zero微服务实战系列(九、极致优化秒杀性能)
C language - array
[Niuke] b-complete square
Anfulai embedded weekly report no. 272: 2022.06.27--2022.07.03
动态规划思想《从入门到放弃》
2022 Google CTF SEGFAULT LABYRINTH wp
Make Jar, Not War
Go zero micro service practical series (IX. ultimate optimization of seckill performance)
Your cache folder contains root-owned files, due to a bug in npm ERR! previous versions of npm which
随机推荐
Do you understand this patch of the interface control devaxpress WinForms skin editor?
In rails, when the resource creation operation fails and render: new is called, why must the URL be changed to the index URL of the resource?
2022 Google CTF SEGFAULT LABYRINTH wp
线段树(SegmentTree)
[case sharing] basic function configuration of network loop detection
go-zero微服务实战系列(九、极致优化秒杀性能)
ARM裸板调试之JTAG原理
[batch dos-cmd command - summary and summary] - jump, cycle, condition commands (goto, errorlevel, if, for [read, segment, extract string]), CMD command error summary, CMD error
Make a simple graphical interface with Tkinter
机器学习:随机梯度下降(SGD)与梯度下降(GD)的区别与代码实现。
Send template message via wechat official account
Taro中添加小程序 “lazyCodeLoading“: “requiredComponents“,
[hfctf2020]babyupload session parsing engine
资产安全问题或制约加密行业发展 风控+合规成为平台破局关键
ClickHouse字段分组聚合、按照任意时间段粒度查询SQL
Installation of torch and torch vision in pytorch
Segmenttree
数据手册中的词汇
Failed to successfully launch or connect to a child MSBuild. exe process. Verify that the MSBuild. exe
golang中的atomic,以及CAS操作