Vulnerability Details

Google Chrome Security Updates(stable-channel-update-for-desktop-2020-02)-Windows

Published: 2020-02-05 06:21:03
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Summary:
The host is installed with Google Chrome and is prone to multiple vulnerabilities.

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
Multiple flaws exist due to, - An integer overflow issue in JavaScript. - A type confusion issue in JavaScript. - Multiple vulnerabilities in XML and SQLite. - Insufficient policy enforcement issue in storage. - An out of bounds write issue in WebRTC. - An out of bounds memory access issue in WebAudio. - A use after free issue in audio. - For more information refer the references.

Impact:
Successful exploitation allows attackers to execute arbitrary code, read sensitive information, bypass security restrictions, perform unauthorized actions or cause denial of service conditions.

Affected Versions:
Google Chrome version prior to 80.0.3987.87 on Windows

Recommendations:
Upgrade to Google Chrome version 80.0.3987.87 or later. Please see the references for more information.

Solution Type:
Vendor Patch

Detection Type:
Windows Registry

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2020-6381
https://nvd.nist.gov/vuln/detail/CVE-2020-6382
https://nvd.nist.gov/vuln/detail/CVE-2019-18197
https://nvd.nist.gov/vuln/detail/CVE-2019-19926
https://nvd.nist.gov/vuln/detail/CVE-2020-6385
https://nvd.nist.gov/vuln/detail/CVE-2019-19925
https://nvd.nist.gov/vuln/detail/CVE-2020-6387
https://nvd.nist.gov/vuln/detail/CVE-2020-6388
https://nvd.nist.gov/vuln/detail/CVE-2020-6389
https://nvd.nist.gov/vuln/detail/CVE-2020-6390
https://nvd.nist.gov/vuln/detail/CVE-2020-6391
https://nvd.nist.gov/vuln/detail/CVE-2020-6392
https://nvd.nist.gov/vuln/detail/CVE-2020-6393
https://nvd.nist.gov/vuln/detail/CVE-2020-6394
https://nvd.nist.gov/vuln/detail/CVE-2020-6395
https://nvd.nist.gov/vuln/detail/CVE-2020-6396
https://nvd.nist.gov/vuln/detail/CVE-2020-6397
https://nvd.nist.gov/vuln/detail/CVE-2020-6398
https://nvd.nist.gov/vuln/detail/CVE-2020-6399
https://nvd.nist.gov/vuln/detail/CVE-2020-6400
https://nvd.nist.gov/vuln/detail/CVE-2020-6401
https://nvd.nist.gov/vuln/detail/CVE-2020-6402
https://nvd.nist.gov/vuln/detail/CVE-2020-6403
https://nvd.nist.gov/vuln/detail/CVE-2020-6404
https://nvd.nist.gov/vuln/detail/CVE-2020-6405
https://nvd.nist.gov/vuln/detail/CVE-2020-6406
https://nvd.nist.gov/vuln/detail/CVE-2019-19923
https://nvd.nist.gov/vuln/detail/CVE-2020-6408
https://nvd.nist.gov/vuln/detail/CVE-2020-6409
https://nvd.nist.gov/vuln/detail/CVE-2020-6410
https://nvd.nist.gov/vuln/detail/CVE-2020-6411
https://nvd.nist.gov/vuln/detail/CVE-2020-6412
https://nvd.nist.gov/vuln/detail/CVE-2020-6413
https://nvd.nist.gov/vuln/detail/CVE-2020-6414
https://nvd.nist.gov/vuln/detail/CVE-2020-6415
https://nvd.nist.gov/vuln/detail/CVE-2020-6416
https://nvd.nist.gov/vuln/detail/CVE-2020-6417
https://nvd.nist.gov/vuln/detail/CVE-2019-19880

References:

https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html?m=1

Search
Severity
High
CVSS Score
9.3

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.