Kaspersky ID:
KLA11869
Дата обнаружения:
14/07/2020
Обновлено:
11/07/2024

Описание

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. Incorrect security UI vulnerability in PWAs can be exploited to obtain sensitive information.
  2. Inappropriate implementation vulnerability in WebRTC can be exploited to potentially denial of service.
  3. Use after free vulnerability in developer tools can be exploited to potentially denial of service and bypass security restrictions.
  4. Heap buffer overflow vulnerability in Skia can be exploited to potentially denial of service and bypass security restrictions.
  5. Heap buffer overflow vulnerability in Skiacan can be exploited to potentially denial of service and bypass security restrictions.
  6. Inappropriate implementation vulnerability in external protocol handlers can be exploited to potentially denial of service.
  7. Incorrect security UI vulnerability in basic auth can be exploited to obtain sensitive information.
  8. Side-channel information leakage vulnerability in scroll to text can be exploited to obtain sensitive information.
  9. Out of bounds write vulnerability in Skia can be exploited to potentially denial of service and bypass security restrictions.
  10. Out of bounds vulnerability in developer tools can be exploited to potentially denial of service.
  11. Heap buffer overflow vulnerability in background fetch can be exploited to potentially denial of service and bypass security restrictions.
  12. Use after free vulnerability in tab strip can be exploited to potentially denial of service.
  13. Side-channel information leakage vulnerability in content security policy can be exploited to obtain sensitive information.
  14. Type Confusion vulnerability in V8 can be exploited to potentially denial of service.
  15. Policy bypass vulnerability in CORS can be exploited to security bypass.
  16. Insufficient policy enforcement vulnerability in CSP can be exploited to security bypass.
  17. Policy bypass vulnerability in CSP can be exploited to security bypass.
  18. Heap buffer overflow vulnerability in WebAudi can be exploited to potentially denial of service.
  19. Inappropriate implementation vulnerability in iframe sandbox can be exploited to potentially denial of service.
  20. Heap buffer overflow vulnerability in WebRTC can be exploited to potentially denial of service.
  21. Insufficient data validation vulnerability in WebUI can be exploited to potentially denial of service.
  22. Heap buffer overflow vulnerability in history can be exploited to potentially denial of service.
  23. Side-channel information leakage vulnerability in autofill can be exploited to obtain sensitive information.
  24. Inappropriate implementation vulnerability in WebRTC can be exploited to potentially denial of service.
  25. Heap buffer overflow vulnerability in PDFium can be exploited to potentially denial of service.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2020-6536
    warning
  • CVE-2020-6529
    warning
  • CVE-2020-6518
    critical
  • CVE-2020-6520
    critical
  • CVE-2020-6525
    critical
  • CVE-2020-6522
    critical
  • CVE-2020-6528
    warning
  • CVE-2020-6531
    warning
  • CVE-2020-6523
    critical
  • CVE-2020-6530
    critical
  • CVE-2020-6510
    critical
  • CVE-2020-6515
    critical
  • CVE-2020-6511
    high
  • CVE-2020-6533
    critical
  • CVE-2020-6516
    warning
  • CVE-2020-6527
    warning
  • CVE-2020-6519
    high
  • CVE-2020-6524
    critical
  • CVE-2020-6526
    high
  • CVE-2020-6534
    critical
  • CVE-2020-6512
    critical
  • CVE-2020-6535
    high
  • CVE-2020-6517
    critical
  • CVE-2020-6521
    high
  • CVE-2020-6514
    high
  • CVE-2020-6513
    critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Confirm changes?
Your message has been sent successfully.