Log

ASA-202001-4 edited at 14 Jan 2020 07:41:52
Impact
+ A remote attacker could bypass security measures or execute arbitrary code on the affected host.
ASA-202001-4 created at 14 Jan 2020 07:41:25
AVG-1086 edited at 14 Jan 2020 07:41:23
Status
- Vulnerable
+ Fixed
Fixed
+ 68.4.1-1
CVE-2019-13764 edited at 13 Jan 2020 16:56:12
Severity
- Unknown
+ High
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13763 edited at 13 Jan 2020 16:55:51
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Information disclosure
Description
+ Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13762 edited at 13 Jan 2020 16:54:57
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Content spoofing
Description
+ Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13761 edited at 13 Jan 2020 16:54:39
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Content spoofing
Description
+ Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13759 edited at 13 Jan 2020 16:54:22
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Content spoofing
Description
+ Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13758 edited at 13 Jan 2020 16:54:03
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Authentication bypass
Description
+ Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13757 edited at 13 Jan 2020 16:52:21
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Content spoofing
Description
+ Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes