Description
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service.
Below is a complete list of vulnerabilities:
- An use-after-free vulnerability in offline page fetcher can be exploited to execute arbitrary code;
- A memory corruption vulnerability in regexp length check can be exploited to execute arbitrary code;
- An insufficient port filtering issue in CORS for extensions can be exploited to bypass security restrictions;
- An use-after-free vulnerability in PDFium can be exploited to execute arbitrary code;
- An integer overflow vulnerability in PDFium text rendering can be exploited to cause denial of service;
- A site isolation bypass issue can be exploited to bypass security restrictions;
- An integer overflow vulnerability in PDFium can be exploited to cause denial of service;
- A comparison of -0 and null yields crash issue can be exploited to cause denial of service;
- An insufficient checks on filesystem issue in URI permissions can be exploited to bypass security restrictions;
- An use-after-free vulnerability in WebUSB on Windows can be exploited to execute arbitrary code;
- An use-after-poison vulnerability in offline audio context can be exploited to execute arbitrary code;
Original advisories
Exploitation
Public exploits exist for this vulnerability.
Related products
CVE list
- CVE-2019-5850 critical
- CVE-2019-5859 critical
- CVE-2019-5853 critical
- CVE-2019-5864 warning
- CVE-2019-5860 high
- CVE-2019-5854 critical
- CVE-2019-5865 high
- CVE-2019-5855 high
- CVE-2019-5857 high
- CVE-2019-5856 critical
- CVE-2019-5863 warning
- CVE-2019-5862 high
- CVE-2019-5858 critical
- CVE-2019-5851 critical
- CVE-2019-5852 high
- CVE-2019-5861 warning
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!