8.8

CVE-2019-13726

Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 79.0.3945.79
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
FedoraprojectFedora Version30
FedoraprojectFedora Version31
RedhatEnterprise Linux Desktop Version6.0 HwPlatformx64
RedhatEnterprise Linux Desktop Version6.0 HwPlatformx86
RedhatEnterprise Linux For Scientific Computing Version6.0 HwPlatformx64
RedhatEnterprise Linux For Scientific Computing Version6.0 HwPlatformx86
RedhatEnterprise Linux Server Version6.0 HwPlatformx64
RedhatEnterprise Linux Server Version6.0 HwPlatformx86
RedhatEnterprise Linux Workstation Version6.0 HwPlatformx64
RedhatEnterprise Linux Workstation Version6.0 HwPlatformx86
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.19% 0.801
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://security.gentoo.org/glsa/202003-08
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html
Broken Link
https://access.redhat.com/errata/RHSA-2019:4238
Third Party Advisory
https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/
https://seclists.org/bugtraq/2020/Jan/27
Third Party Advisory
Mailing List
https://www.debian.org/security/2020/dsa-4606
Third Party Advisory
https://crbug.com/1027152
Vendor Advisory
Permissions Required