Kaspersky Threats

Detect date

10/31/2023

Severity

?

High

Description

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, execute arbitrary code.

Below is a complete list of vulnerabilities:

Integer overflow vulnerability in USB can be exploited to cause execute arbitrary code and denial of service.
Use after free vulnerability in Profiles can be exploited to cause denial of service or execute arbitrary code.
Security UI vulnerability in Picture In Picture can be exploited to spoof user interface.
Security UI vulnerability in Downloads can be exploited to spoof user interface.
Implementation vulnerability in WebApp Provider can be exploited to cause denial of service.
Data validation vulnerability in USB can be exploited to cause denial of service.
Implementation vulnerability in Downloads can be exploited to cause denial of service.
Implementation vulnerability in Payments can be exploited to cause denial of service.
Use after free vulnerability in Reading Mode can be exploited to cause denial of service or execute arbitrary code.
Use after free vulnerability in Printing can be exploited to cause denial of service or execute arbitrary code.
Use after free vulnerability in Side Panel can be exploited to cause denial of service or execute arbitrary code.

Affected products

Google Chrome earlier than 119.0.6045.105

Solution

Update to the latest version
Download Google Chrome

Original advisories

Chrome Releases: Stable Channel Update for Desktop

Impacts

?

ACE

[?]

DoS

[?]

SUI

[?]

Detect date	10/31/2023
Severity ?	High
Description	Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: Integer overflow vulnerability in USB can be exploited to cause execute arbitrary code and denial of service. Use after free vulnerability in Profiles can be exploited to cause denial of service or execute arbitrary code. Security UI vulnerability in Picture In Picture can be exploited to spoof user interface. Security UI vulnerability in Downloads can be exploited to spoof user interface. Implementation vulnerability in WebApp Provider can be exploited to cause denial of service. Data validation vulnerability in USB can be exploited to cause denial of service. Implementation vulnerability in Downloads can be exploited to cause denial of service. Implementation vulnerability in Payments can be exploited to cause denial of service. Use after free vulnerability in Reading Mode can be exploited to cause denial of service or execute arbitrary code. Use after free vulnerability in Printing can be exploited to cause denial of service or execute arbitrary code. Use after free vulnerability in Side Panel can be exploited to cause denial of service or execute arbitrary code.
Affected products	Google Chrome earlier than 119.0.6045.105
Solution	Update to the latest version Download Google Chrome
Original advisories	Chrome Releases: Stable Channel Update for Desktop
Impacts ?	ACE [?] DoS [?] SUI [?]
Related products	Google Chrome
CVE-IDS ?	CVE-2023-54805.0Warning CVE-2023-58515.0Warning CVE-2023-54825.0Warning CVE-2023-58565.0Warning CVE-2023-58525.0Warning CVE-2023-58595.0Warning CVE-2023-58555.0Warning CVE-2023-58505.0Warning CVE-2023-58495.0Warning CVE-2023-58535.0Warning CVE-2023-58545.0Warning CVE-2023-58575.0Warning CVE-2023-58585.0Warning
	Find out the statistics of the vulnerabilities spreading in your region

KLA61760Multiple vulnerabilities in Google Chrome

KLA61760
Multiple vulnerabilities in Google Chrome