Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.817506 |
Category: | General |
Title: | Google Chrome Security Update (stable-channel-update-for-desktop-2020-10) - Windows |
Summary: | Google Chrome is prone to multiple vulnerabilities. |
Description: | Summary: Google Chrome is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to - Use after free in payments. - Use after free in Blink. - Use after free in WebRTC. - Use after free in NFC. - Use after free in printing. - Use after free in audio. - Use after free in autofill. - Use after free in password manager. - Insufficient policy enforcement in extensions. - Integer overflow in Blink. - Integer overflow in SwiftShader. - Use after free in WebXR. - Inappropriate implementation in networking. - Insufficient data validation in dialogs. - Insufficient data validation in navigation. - Inappropriate implementation in V8. - Insufficient policy enforcement in Intents. - Out of bounds read in audio. - Side-channel information leakage in cache. - Insufficient data validation in webUI. - Insufficient policy enforcement in Omnibox. - Inappropriate implementation in Blink. - Integer overflow in media. - Insufficient policy enforcement in networking. - Insufficient policy enforcement in downloads. - Uninitialized Use in PDFium. Vulnerability Impact: Successful exploitation allows attackers to execute arbitrary code, disclose sensitive information and cause denial of service condition. Affected Software/OS: Google Chrome version prior to 86.0.4240.75. Solution: Update to Google Chrome version 86.0.4240.75 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2020-6557 Debian Security Information: DSA-4824 (Google Search) https://www.debian.org/security/2021/dsa-4824 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GWCWNHTTYOH6HSFUXPGPBB6J6JYZHZE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SC3U3H6AISVZB5PLZLLNF4HMQ4UFFL7M/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/24QFL4C3AZKMFVL7LVSYMU2DNE5VVUGS/ https://security.gentoo.org/glsa/202101-30 https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop.html https://crbug.com/1083278 SuSE Security Announcement: openSUSE-SU-2020:1829 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html |
Copyright | Copyright (C) 2020 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |