Log

ASA-202002-11 edited at 25 Feb 2020 08:40:56
Impact
+ A remote attacker can access sensitive information or execute arbitrary code on the affected host.
ASA-202002-11 created at 25 Feb 2020 08:40:36
AVG-1101 edited at 25 Feb 2020 08:40:25
Status
- Vulnerable
+ Testing
Fixed
+ 2.4.7-7
CVE-2020-6407 edited at 25 Feb 2020 08:39:46
Severity
- Unknown
+ High
Remote
- Unknown
+ Remote
Type
- Unknown
+ Information disclosure
Description
+ An out-of-bounds memory access vulnerability has been found in the streams component of chromium before 80.0.3987.122.
References
+ https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
+ https://crbug.com/1045931
Notes
AVG-1102 edited at 25 Feb 2020 08:38:50
Severity
- Unknown
+ High
CVE-2020-6418 edited at 25 Feb 2020 08:38:50
Severity
- Unknown
+ High
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ A type confusion vulnerability has been found in the V8 component of chromium before 80.0.3987.122.
References
+ https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
+ https://crbug.com/1053604
Notes
AVG-1102 created at 25 Feb 2020 08:37:48
Packages
+ chromium
Issues
+ CVE-2020-6407
+ CVE-2020-6418
Status
+ Fixed
Severity
+ Unknown
Affected
+ 80.0.3987.116-1
Fixed
+ 80.0.3987.122-1
Ticket
Advisory qualified
+ Yes
References
+ https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
Notes
CVE-2020-6407 created at 25 Feb 2020 08:37:48
AVG-1102 created at 25 Feb 2020 08:37:48
Packages
+ chromium
Issues
+ CVE-2020-6407
+ CVE-2020-6418
Status
+ Fixed
Severity
+ Unknown
Affected
+ 80.0.3987.116-1
Fixed
+ 80.0.3987.122-1
Ticket
Advisory qualified
+ Yes
References
+ https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
Notes
CVE-2020-6418 created at 25 Feb 2020 08:37:48
AVG-1101 edited at 20 Feb 2020 17:20:34
Fixed
- 2.4.7-7
AVG-1101 created at 20 Feb 2020 17:20:16
Packages
+ ppp
Issues
+ CVE-2020-8597
Status
+ Vulnerable
Severity
+ Medium
Affected
+ 2.4.7-6
Fixed
+ 2.4.7-7
Ticket
Advisory qualified
+ Yes
References
Notes
CVE-2020-8597 created at 20 Feb 2020 17:19:18
Severity
+ Medium
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
References
+ https://lists.debian.org/debian-lts-announce/2020/02/msg00005.html
Notes