The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of WebRTC.org

vulnerability alert CVE-2018-16083

WebRTC.org: out-of-bounds memory reading via FEC

Synthesis of the vulnerability

An attacker can force a read at an invalid address via FEC of WebRTC.org, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Chrome, Opera, SLES, WebRTC.org.
Severity: 2/4.
Consequences: user access/rights, data reading, denial of service on client, no consequence.
Provenance: internet client.
Creation date: 21/09/2018.
Identifiers: 1606, CVE-2018-16083, openSUSE-SU-2018:2664-2, VIGILANCE-VUL-27291.

Description of the vulnerability

An attacker can force a read at an invalid address via FEC of WebRTC.org, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-16071

WebRTC.org: use after free via VP9

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via VP9 of WebRTC.org, in order to trigger a denial of service, and possibly to run code.
Impacted products: Chrome, Opera, SLES, WebRTC.org.
Severity: 3/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: intranet client.
Creation date: 21/09/2018.
Identifiers: 1601, CVE-2018-16071, openSUSE-SU-2018:2664-2, VIGILANCE-VUL-27290.

Description of the vulnerability

An attacker can force the usage of a freed memory area via VP9 of WebRTC.org, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about WebRTC.org: