CVE-2019-5788

HIGH

Google Chrome < 73.0.3683.75 - Use-After-Free via Blink Storage Integer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-5788. PoCs published by Google Security Research.

AI-analyzed exploit summary The exploit demonstrates a use-after-free vulnerability in Chrome's FileSystemOperationRunner due to OperationID integer wrap-around. The PoC requires either a malformed blob or FileWriter API access, and triggers the issue via JavaScript, though runtime is lengthy (~2 days).

Description

An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Google Security Research · textdosmultiple
https://www.exploit-db.com/exploits/46571

The exploit demonstrates a use-after-free vulnerability in Chrome's FileSystemOperationRunner due to OperationID integer wrap-around. The PoC requires either a malformed blob or FileWriter API access, and triggers the issue via JavaScript, though runtime is lengthy (~2 days).

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Complex
Reliability
Theoretical
Target: Google Chrome (versions prior to fix for CVE-2019-5788)
No auth needed
Prerequisites: Compromised renderer process or access to FileWriter API · Patience or modified OperationID typedef for faster reproduction
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Issue Tracking x_refsource_misc
https://crbug.com/925864

Scores

CVSS v3 8.8
EPSS 0.0715
EPSS Percentile 93.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-190 CWE-416
Status published
Products (5)
google/chrome < 73.0.3683.75
opensuse/backports sle-15
opensuse/leap 15.0
opensuse/leap 15.1
opensuse/leap 42.3
Published May 23, 2019
Tracked Since Feb 18, 2026