Multiple vulnerabilities in Google Chrome

Popis

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Use-after-free vulnerability in media can be exploited to arbitrary code execution;
2. Buffer overrun vulnerability in Blink can be exploited to arbitrary code execution;
3. URL spoof vulnerability in navigation can be exploited to arbitrary code execution;
4. Privilege elevation vulnerability in Installer can be exploited to arbitrary code execution;
5. URL bar spoofing vulnerability can be exploited to arbitrary code execution;
6. CSP bypass vulnerability can be exploited to arbitrary code execution;
7. Extension permission bypass vulnerability can be exploited to arbitrary code execution;
8. Out-of-bounds read vulnerability in PDFium can be exploited to arbitrary code execution;
9. File storage disclosure vulnerability can be exploited to arbitrary code execution;
10. HTTP authentication spoof vulnerability can be exploited to arbitrary code execution;
11. File download protection bypass vulnerability can be exploited to arbitrary code execution;
12. Cross-context information leak vulnerability can be exploited to arbitrary code execution;
13. Buffer overflow vulnerability in expat can be exploited to arbitrary code execution;
14. Cross-origin data leak vulnerability can be exploited to arbitrary code execution;
15. CSS injection vulnerability can be exploited to arbitrary code execution;
16. Address bar spoofing vulnerability can be exploited to arbitrary code execution;
17. Service worker state error vulnerability can be exploited to arbitrary code execution;
18. IDN spoof vulnerability can be exploited to arbitrary code execution;

Oficiální doporučení

• Stable Channel Update for Desktop

Vykořisťování

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Související produkty

• Google-Chrome

seznam CVE

• CVE-2019-13699
  critical
• CVE-2019-13700
  critical
• CVE-2019-13701
  warning
• CVE-2019-13702
  critical
• CVE-2019-13703
  warning
• CVE-2019-13704
  warning
• CVE-2019-13705
  warning
• CVE-2019-13706
  critical
• CVE-2019-13707
  high
• CVE-2019-13708
  warning
• CVE-2019-13709
  high
• CVE-2019-13710
  warning
• CVE-2019-13711
  high
• CVE-2019-15903
  critical
• CVE-2019-13713
  high
• CVE-2019-13714
  high
• CVE-2019-13715
  warning
• CVE-2019-13716
  warning
• CVE-2019-13717
  warning
• CVE-2019-13718
  warning
• CVE-2019-13719
  warning
• CVE-2019-13765
  high

Zobrazit více

Zjistěte statistiky zranitelností šířících se ve vaší oblasti statistics.securelist.com