| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2023-5217 | Google Chromium libvpx Heap Buffer Overflow Vulnerability | primary_impact | T1574 | Hijack Execution Flow |
Comments
This vulnerability was exploited by a remote attacker using a crafted HTML page to trigger a heap buffer overflow in the vp8 encoding of libvpx, leading to heap corruption. This flaw was part of a spyware campaign. The exploitation allowed for program crashes or arbitrary code execution, ultimately resulting in the installation of spyware.
References
|
| CVE-2023-5217 | Google Chromium libvpx Heap Buffer Overflow Vulnerability | exploitation_technique | T1204.001 | Malicious Link |
Comments
This vulnerability was exploited by a remote attacker using a crafted HTML page to trigger a heap buffer overflow in the vp8 encoding of libvpx, leading to heap corruption. This flaw was part of a spyware campaign. The exploitation allowed for program crashes or arbitrary code execution, ultimately resulting in the installation of spyware.
References
|