HomePentest-Tools.com Logo

Google Chrome Security Updates (stable-channel-update-for-desktop-2023-03) - Mac OS X CVE-2023-1213CVE-2023-1214CVE-2023-1215CVE-2023-1216CVE-2023-1217CVE-2023-1218CVE-2023-1219CVE-2023-1220CVE-2023-1221CVE-2023-1222CVE-2023-1223CVE-2023-1224CVE-2023-1225CVE-2023-1226CVE-2023-1227CVE-2023-1228CVE-2023-1229CVE-2023-1230CVE-2023-1231CVE-2023-1232CVE-2023-1233CVE-2023-1234CVE-2023-1235CVE-2023-1236

Severity
CVSSv3 Score
4.3
Vulnerability description

Google Chrome is prone to multiple vulnerabilities.

Risk description

Multiple flaws exist due to, - Use after free in Swiftshader. - Type Confusion in V8. - Type Confusion in CSS. - Use after free in DevTools. - Stack buffer overflow in Crash reporting. - Use after free in WebRTC. - Heap buffer overflow in Metrics. - Heap buffer overflow in UMA. - Insufficient policy enforcement in Extensions API. - Heap buffer overflow in Web Audio API. - Insufficient policy enforcement in Autofill. - Insufficient policy enforcement in Web Payments API. - Insufficient policy enforcement in Navigation. - Use after free in Core. - Insufficient policy enforcement in Intents. - Inappropriate implementation in Permission prompts. - Inappropriate implementation in WebApp Installs. - Inappropriate implementation in Autofill. - Insufficient policy enforcement in Resource Timing. - Inappropriate implementation in Intents. - Type Confusion in DevTools. - Inappropriate implementation in Internals. Successful exploitation will allow attackers to run arbitrary code, bypass security restrictions, conduct spoofing and cause a denial of service on affected system.

Recommendation

Upgrade to Google Chrome version 111.0.5563.64 or later. Please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 7, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available