The search giant has not disclosed further details of the vulnerabilities so that it gives affected users enough time to install the Chrome update and prevent hackers from exploiting them.Ī successful exploitation of the integer overflow or out-of-bounds write flaws could allow a remote attacker to compromise a vulnerable system by tricking the user into visiting a specially crafted web page that takes advantage of the exploit to execute arbitrary code on the target system. Google has said CVE-2020-6418, which stems from a type confusion error in its V8 JavaScript rendering engine, is being actively exploited, although technical information about the vulnerability is restricted at this time. ![]() The Integer Overflow vulnerability was disclosed by André Bargull privately to Google last month, earning him $5,000 in rewards, while the other two vulnerabilities - CVE-2020-6407 and CVE-2020-6418 - were identified by experts from the Google security team.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |