Google Chrome Mojo Insufficient Data Validation Out-of-Bounds Write Vulnerability
CVE-2024-9369 Published on November 27, 2024
Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
Vulnerability Analysis
CVE-2024-9369 can be exploited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
Products Associated with CVE-2024-9369
Want to know whenever a new CVE is published for Google Chrome? stack.watch will email you.
Affected Versions
Google Chrome:- Version 129.0.6668.89 and below 129.0.6668.89 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.