HomePentest-Tools.com Logo

Google Chrome Security Updates(stable-channel-update-for-desktop-2019-09)-Windows CVE-2019-5870CVE-2019-5871CVE-2019-5872CVE-2019-5873CVE-2019-5874CVE-2019-5875CVE-2019-5876CVE-2019-5877CVE-2019-5878CVE-2019-5879CVE-2019-5880CVE-2019-5881CVE-2019-13659CVE-2019-13660CVE-2019-13661CVE-2019-13662CVE-2019-13663CVE-2019-13664CVE-2019-13665CVE-2019-13666CVE-2019-13667CVE-2019-13668CVE-2019-13669CVE-2019-13670CVE-2019-13671CVE-2019-13673CVE-2019-13674CVE-2019-13675CVE-2019-13676CVE-2019-13677CVE-2019-13678CVE-2019-13679CVE-2019-13680CVE-2019-13681CVE-2019-13682CVE-2019-13683

Severity
CVSSv3 Score
8.1
Vulnerability description

Google Chrome is prone to multiple vulnerabilities.

Risk description

Multiple flaws exist due to - Multiple use-after-free issues in media, Mojo, media and V8. - A heap overflow issue in Skia. - A use-after-free issue in Mojo. - A URL bar spoofing issue on iOS. - A issue where external URIs may trigger other browsers. - A URL bar spoof issue via download redirect. - An out-of-bounds access in V8. - An issue due to which extensions can read some local files. - A sameSite cookie bypass issue. - Arbitrary read in SwiftShader. - A URL spoof issue. - Full screen notification overlap and spoof issues. Please see the references for more information about the vulnerabilities. Successful exploitation will allow attackers to execute arbitrary code, conduct spoofing attacks, cause denial of service and also take control of an affected system.

Recommendation

Upgrade to Google Chrome version 77.0.3865.75 or later. Please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Nov 25, 2019
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available