Vulnerability   
Search   
    Search 187964 CVE descriptions
and 85075 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.817425
Category:General
Title:Google Chrome Security Updates(stable-channel-update-for-desktop-2020-07)-MAC OS X
Summary:The host is installed with Google Chrome; and is prone to multiple vulnerabilities.
Description:Summary:
The host is installed with Google Chrome
and is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exists due to,

- Heap buffer overflow in background fetch.

- Side-channel information leakage in content security policy.

- Type Confusion in V8.

- Heap buffer overflow in PDFium.

- Inappropriate implementation in WebRTC.

- Use after free in tab strip.

- Policy bypass in CORS.

- Heap buffer overflow in history.

- Use after free in developer tools.

- Policy bypass in CSP.

- Heap buffer overflow in Skia.

- Side-channel information leakage in autofill.

- Inappropriate implementation in external protocol handlers.

- Out of bounds write in Skia.

- Heap buffer overflow in WebAudio.

- Inappropriate implementation in iframe sandbox.

- Insufficient policy enforcement in CSP.

- Incorrect security UI in basic auth.

- Out of bounds memory access in developer tools.

- Side-channel information leakage in scroll to text.

- Heap buffer overflow in WebRTC.

- Insufficient data validation in WebUI.

- Incorrect security UI in PWAs.

Vulnerability Impact:
Successful exploitation allows attackers to
execute arbitrary code, disclose sensitive information and cause denial of service
condition.

Affected Software/OS:
Google Chrome version prior to 84.0.4147.89 on MAC OS X

Solution:
Upgrade to Google Chrome version 84.0.4147.89 or later.
Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-6510
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYIDWCHG24ZTFD4P42D4A4WWPPA74BCG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTRPPTKZ2RKVH2XGQCWNFZ7FOGQ5LLCA/
https://security.gentoo.org/glsa/202007-08
https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html
https://crbug.com/1103195
SuSE Security Announcement: openSUSE-SU-2020:1048 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00041.html
SuSE Security Announcement: openSUSE-SU-2020:1061 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html
SuSE Security Announcement: openSUSE-SU-2020:1148 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00007.html
SuSE Security Announcement: openSUSE-SU-2020:1172 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00018.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-6511
https://crbug.com/1074317
Common Vulnerability Exposure (CVE) ID: CVE-2020-6512
https://crbug.com/1084820
Common Vulnerability Exposure (CVE) ID: CVE-2020-6513
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1092
https://crbug.com/1091404
Common Vulnerability Exposure (CVE) ID: CVE-2020-6514
Debian Security Information: DSA-4736 (Google Search)
https://www.debian.org/security/2020/dsa-4736
Debian Security Information: DSA-4740 (Google Search)
https://www.debian.org/security/2020/dsa-4740
https://security.gentoo.org/glsa/202007-64
http://packetstormsecurity.com/files/158697/WebRTC-usrsctp-Incorrect-Call.html
https://crbug.com/1076703
https://lists.debian.org/debian-lts-announce/2020/07/msg00027.html
https://lists.debian.org/debian-lts-announce/2020/08/msg00006.html
SuSE Security Announcement: openSUSE-SU-2020:1147 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00008.html
SuSE Security Announcement: openSUSE-SU-2020:1155 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00011.html
SuSE Security Announcement: openSUSE-SU-2020:1179 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00022.html
SuSE Security Announcement: openSUSE-SU-2020:1189 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html
SuSE Security Announcement: openSUSE-SU-2020:1205 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00032.html
https://usn.ubuntu.com/4443-1/
Common Vulnerability Exposure (CVE) ID: CVE-2020-6515
https://crbug.com/1082755
Common Vulnerability Exposure (CVE) ID: CVE-2020-6516
https://crbug.com/1092449
Common Vulnerability Exposure (CVE) ID: CVE-2020-6517
https://crbug.com/1095560
Common Vulnerability Exposure (CVE) ID: CVE-2020-6518
https://crbug.com/986051
Common Vulnerability Exposure (CVE) ID: CVE-2020-6519
https://crbug.com/1064676
Common Vulnerability Exposure (CVE) ID: CVE-2020-6520
https://crbug.com/1092274
Common Vulnerability Exposure (CVE) ID: CVE-2020-6521
https://crbug.com/1075734
Common Vulnerability Exposure (CVE) ID: CVE-2020-6522
https://crbug.com/1052093
Common Vulnerability Exposure (CVE) ID: CVE-2020-6523
https://crbug.com/1080481
Common Vulnerability Exposure (CVE) ID: CVE-2020-6524
https://crbug.com/1081722
Common Vulnerability Exposure (CVE) ID: CVE-2020-6525
https://crbug.com/1091670
Common Vulnerability Exposure (CVE) ID: CVE-2020-6526
https://crbug.com/1074340
Common Vulnerability Exposure (CVE) ID: CVE-2020-6527
https://crbug.com/992698
Common Vulnerability Exposure (CVE) ID: CVE-2020-6528
https://crbug.com/1063690
Common Vulnerability Exposure (CVE) ID: CVE-2020-6529
https://crbug.com/978779
Common Vulnerability Exposure (CVE) ID: CVE-2020-6530
https://crbug.com/1016278
Common Vulnerability Exposure (CVE) ID: CVE-2020-6531
https://crbug.com/1042986
Common Vulnerability Exposure (CVE) ID: CVE-2020-6533
https://crbug.com/1069964
Common Vulnerability Exposure (CVE) ID: CVE-2020-6534
https://crbug.com/1072412
Common Vulnerability Exposure (CVE) ID: CVE-2020-6535
https://crbug.com/1073409
Common Vulnerability Exposure (CVE) ID: CVE-2020-6536
https://crbug.com/1080934
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.