Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Vulnerabilities

Multiple vulnerability in Google Chrome

Kaspersky ID:
KLA71709
Detect Date:
07/22/2024
Updated:
11/28/2024

Description

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Heap buffer overflow vulnerability in Fonts can be exploited to cause denial of service.
  2. Type confusion vulnerability in V8 can be exploited to cause denial of service.
  3. Heap buffer overflow vulnerability in PDFium can be exploited to cause denial of service.
  4. Inappropriate implementation vulnerability in FedCM can be exploited to cause denial of service.
  5. Insufficient data validation vulnerability in Installer can be exploited to bypass security restrictions.
  6. Inappropriate implementation vulnerability in Views can be exploited to cause denial of service.
  7. Inappropriate implementation vulnerability in Permissions can be exploited to cause denial of service.
  8. Inappropriate implementation vulnerability in V8 can be exploited to cause denial of service.
  9. Out of bounds memory read vulnerability in Skia can be exploited to cause denial of service.
  10. Insufficient policy enforcement vulnerability in Data Transfer can be exploited to bypass security restrictions.
  11. Inappropriate implementation vulnerability in WebApp can be exploited to cause denial of service.
  12. Use after free vulnerability in Passwords can be exploited to cause denial of service or execute arbitrary code.
  13. Inappropriate implementation vulnerability in Extensions can be exploited to cause denial of service.
  14. Insufficient data validation vulnerability in V8 API can be exploited to bypass security restrictions.
  15. Inappropriate implementation vulnerability in Custom can be exploited to cause denial of service.
  16. Use after free vulnerability in Autofill can be exploited to cause denial of service or execute arbitrary code.

Original advisories

Exploitation

Public exploits exist for this vulnerability.

Related products

CVE list

  • CVE-2024-7967
    critical
  • CVE-2024-7969
    critical
  • CVE-2024-7973
    critical
  • CVE-2024-7976
    warning
  • CVE-2024-7979
    critical
  • CVE-2024-7981
    warning
  • CVE-2024-7975
    warning
  • CVE-2024-7965
    critical
  • CVE-2024-7966
    critical
  • CVE-2024-7978
    warning
  • CVE-2024-8033
    warning
  • CVE-2024-7964
    critical
  • CVE-2024-7971
    critical
  • CVE-2024-7980
    critical
  • CVE-2024-8035
    warning
  • CVE-2024-7974
    critical
  • CVE-2024-8034
    warning
  • CVE-2024-7968
    critical
  • CVE-2024-7977
    critical
  • CVE-2024-7972
    critical

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
02 December 2024
Securelist
Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT
29 November 2024
Securelist
IT threat evolution in Q3 2024. Non-mobile statistics
29 November 2024
Securelist
IT threat evolution in Q3 2024. Mobile statistics
29 November 2024
Securelist
IT threat evolution Q3 2024
28 November 2024
Securelist
APT trends report Q3 2024
27 November 2024
Securelist
Consumer and privacy predictions for 2025
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Kaspersky ID
Vulnerability
Detect date
Severity
Confirm changes?
Your message has been sent successfully.