Kaspersky ID:
KLA11588
Дата обнаружения:
22/10/2019
Обновлено:
22/01/2024

Описание

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Use-after-free vulnerability in media can be exploited to arbitrary code execution;
  2. Buffer overrun vulnerability in Blink can be exploited to arbitrary code execution;
  3. URL spoof vulnerability in navigation can be exploited to arbitrary code execution;
  4. Privilege elevation vulnerability in Installer can be exploited to arbitrary code execution;
  5. URL bar spoofing vulnerability can be exploited to arbitrary code execution;
  6. CSP bypass vulnerability can be exploited to arbitrary code execution;
  7. Extension permission bypass vulnerability can be exploited to arbitrary code execution;
  8. Out-of-bounds read vulnerability in PDFium can be exploited to arbitrary code execution;
  9. File storage disclosure vulnerability can be exploited to arbitrary code execution;
  10. HTTP authentication spoof vulnerability can be exploited to arbitrary code execution;
  11. File download protection bypass vulnerability can be exploited to arbitrary code execution;
  12. Cross-context information leak vulnerability can be exploited to arbitrary code execution;
  13. Buffer overflow vulnerability in expat can be exploited to arbitrary code execution;
  14. Cross-origin data leak vulnerability can be exploited to arbitrary code execution;
  15. CSS injection vulnerability can be exploited to arbitrary code execution;
  16. Address bar spoofing vulnerability can be exploited to arbitrary code execution;
  17. Service worker state error vulnerability can be exploited to arbitrary code execution;
  18. IDN spoof vulnerability can be exploited to arbitrary code execution;

Первичный источник обнаружения

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2019-13699
    high
  • CVE-2019-13700
    high
  • CVE-2019-13701
    warning
  • CVE-2019-13702
    high
  • CVE-2019-13703
    warning
  • CVE-2019-13704
    warning
  • CVE-2019-13705
    warning
  • CVE-2019-13706
    high
  • CVE-2019-13707
    warning
  • CVE-2019-13708
    warning
  • CVE-2019-13709
    warning
  • CVE-2019-13710
    warning
  • CVE-2019-13711
    warning
  • CVE-2019-15903
    warning
  • CVE-2019-13713
    warning
  • CVE-2019-13714
    warning
  • CVE-2019-13715
    warning
  • CVE-2019-13716
    warning
  • CVE-2019-13717
    warning
  • CVE-2019-13718
    warning
  • CVE-2019-13719
    warning
  • CVE-2019-13765
    warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.