Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

Heap buffer overflow vulnerability in Google chrome

 

Systems Affected


Google Chrome versions prior to 84.0.4147.135

Threat Level


Medium


Overview


Vulnerability will allow an attacker to execute arbitrary code on the targeted system.


Description


Google chrome is a widely used web browser that is available for both Windows and Mac operating systems. A vulnerability has been discovered in Google Chrome, which can be used to execute arbitrary codes. A successful exploit of this vulnerability allows an attacker to execute arbitrary code in the context of the web browser. Depending on the privileges given to the application an attacker could view, change, or delete data.

This vulnerability can be exploited if a user visits, or is redirected to a specially crafted web page.


Impact


  ✻  Exposing private information to unauthorized parties
  ✻  Malware infections
  ✻  Modifications to system files


Solution/ Workarounds


  ✻  Apply the security updates as mentioned in below link: https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_18.html
  ✻  Run software as a non-privileged user (Without administrator privileges)


References


  ✻  https://www.cisecurity.org/advisory/a-vulnerability-in-teamviewer-cloud-allow-for-offline-password-cracking_2020-106/
  ✻  https://www.cert-in.org.in/


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.