Fwd: [CIVN-2020-0235] Multiple Vulnerabilities in Google Chrome

Severity rating: High

Software affected

· Google Chrome versions prior to 83.0.4103.106

Overview

Multiple vulnerabilities have been reported in Google Chrome which could

allow a remote attacker to execute arbitrary code or bypass security

restrictions on the targeted system.

Description

These vulnerabilities exist in Google Chrome due to use-after-free error in

speech component, insufficient policy enforcement in WebView or

out-of-bounds write error in V8. A remote attacker could exploit these

vulnerabilities by persuading a victim to visit a specially crafted web

site.

Successful exploitation of these vulnerabilities could allow the attacker

to execute arbitrary code or bypass security restrictions on the targeted

system resulting in complete system compromise.

Solution

Upgrade to Google Chrome 83.0.4103.106 as mentioned in:

https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html

Vendor Information

Google Chrome

https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html

References

Google Chrome

https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html

CVE Name

CVE-2020-6505

CVE-2020-6506

CVE-2020-6507

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

Fwd: [CIVN-2020-0235] Multiple Vulnerabilities in Google Chrome

About Cert Advisory

Related Posts

Popular Posts

Facebook

Blog Archive