Google has fixed another critical zero-day vulnerability (CVE-2023-5217) in Chrome that is being exploited in the wild. About CVE-2023-5217 The vulnerability is caused by a heap buffer overflow in vp8 encoding in libvpx – a video codec library from Google and the Alliance for Open Media (AOMedia). Heap buffer overflows can cause program crashes or arbitrary code execution. CVE-2023-5217 has been fixed in Google Chrome 117.0.5938.132 for Windows, Mac and Linux users. Google noted that … More
The post Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217) appeared first on Help Net Security.