BROWSER-CHROME -- Snort has detected suspicious traffic known to exploit vulnerabilities present in the Chrome browser. These rules are separate from the "browser-webkit" category; while it uses the Webkit rendering engine, there's a lot of other features to create a secondary Chrome category.
BROWSER-CHROME Google Chrome V8 FindSharedFunctionInfo out-of-bounds read attempt
This event is generated when an attacker attempts to exploit CVE-2017-5071.
Attempted User Privilege Gain
This is a vulnerability in the way that Google Chrome V8 handles function objects in memory. Attackers who are able to exploit this vulnerability may be able to leak sensitive information on the system, or access objects they otherwise may not be able to.
Ease of Attack:
What To Look For
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2017-5071Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
||Ease of Access||LOW