CVE-2018-12152

high

Description

Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthenticated remote user to potentially execute arbitrary WebGL code via local access.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00166.html

https://support.apple.com/kb/HT210722

https://support.apple.com/kb/HT210634

http://www.securityfocus.com/bid/105582

http://seclists.org/fulldisclosure/2019/Oct/56

http://seclists.org/fulldisclosure/2019/Oct/55

Details

Source: Mitre, NVD

Published: 2018-10-10

Updated: 2019-10-30

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High