Vulnerabilities > CVE-2020-6496 - Use After Free vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_A2CAF7BDA71911EAA857E09467587C17.NASL description Chrome Releases reports : This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. - [1082105] High CVE-2020-6493: Use after free in WebAuthentication. Reported by Anonymous on 2020-05-13 - [1083972] High CVE-2020-6494: Incorrect security UI in payments. Reported by Juho Nurminen on 2020-05-18 - [1072116] High CVE-2020-6495: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-04-18 - [1085990] High CVE-2020-6496: Use after free in payments. Reported by Khalil Zhani on 2020-05-24 last seen 2020-06-11 modified 2020-06-08 plugin id 137216 published 2020-06-08 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137216 title FreeBSD : chromium -- multiple vulnerabilities (a2caf7bd-a719-11ea-a857-e09467587c17) NASL family Windows NASL id GOOGLE_CHROME_83_0_4103_97.NASL description The version of Google Chrome installed on the remote Windows host is prior to 83.0.4103.97. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_06_stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-10 modified 2020-06-03 plugin id 137081 published 2020-06-03 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137081 title Google Chrome < 83.0.4103.97 Multiple Vulnerabilities NASL family MacOS X Local Security Checks NASL id MACOSX_GOOGLE_CHROME_83_0_4103_97.NASL description The version of Google Chrome installed on the remote macOS host is prior to 83.0.4103.97. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_06_stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-10 modified 2020-06-03 plugin id 137080 published 2020-06-03 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137080 title Google Chrome < 83.0.4103.97 Multiple Vulnerabilities
References
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html
- https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html
- https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html
- https://crbug.com/1085990
- https://crbug.com/1085990
- https://security.gentoo.org/glsa/202006-02
- https://security.gentoo.org/glsa/202006-02
- https://www.debian.org/security/2020/dsa-4714
- https://www.debian.org/security/2020/dsa-4714