SB2019060424 - Multiple vulnerabilities in Google Chrome
Published: June 4, 2019 Updated: August 17, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 14 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2019-5828)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in ServiceWorker. A remote attacker can trick the victim to visit a specially crafted webpage, trigger use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
2) Use-after-free (CVE-ID: CVE-2019-5829)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the Download Manager component in Google Chrome. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger use-after-free error and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
3) Out-of-bounds read (CVE-ID: CVE-2019-5835)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the Swiftshader component in Google Chrome. A remote attacker can trick the victim into visiting a specially crafted web page, trigger an out-of-bounds read error and gain access to sensitive information.
4) Heap-based buffer overflow (CVE-ID: CVE-2019-5836)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted HTML content in Angle. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
5) Out-of-bounds read (CVE-ID: CVE-2019-5849)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Skia graphics library. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
6) Overly permissive cross-domain whitelist (CVE-ID: CVE-2019-5830)
The vulnerability allows a remote attacker to bypass the CORS protection mechanism.
The vulnerability exists due to incorrect processing of credentials in CORS. A remote attacker can bypass implemented security restrictions.
7) Out-of-bounds write (CVE-ID: CVE-2019-5831)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error in map processing in V8 engine. A remote attacker can trick the victim to open a specially crafted website, trigger an out-of-bounds write and execute arbitrary code on the target system.
8) Overly permissive cross-domain whitelist (CVE-ID: CVE-2019-5832)
The vulnerability allows a remote attacker to bypass the CORS protection mechanism.
The vulnerability exists due to incorrect processing of CORS in XHR requests. A remote attacker can bypass implemented security restrictions.
9) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2019-5833)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect dialog box scoping. A remote attacker can trick the victim to visit a malicious page and spoof the page content.
10) Spoofing attack (CVE-ID: CVE-2019-5834)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect processing of user-supplied data in Omnibox on iOS. A remote attacker can spoof address bar.
11) Overly permissive cross-domain whitelist (CVE-ID: CVE-2019-5837)
The vulnerability allows a remote attacker to bypass the CORS protection mechanism.
The vulnerability exists due to incorrect processing of cross-origin resources in Appcache. A remote attacker can bypass implemented security restrictions.
12) Improper access control (CVE-ID: CVE-2019-5838)
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions to tabs in Extensions. A remote attacker can use an install extension to gain unauthorized access to browser tabs.
13) Input validation error (CVE-ID: CVE-2019-5839)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to excessive data validation in URL parser in Blink. A remote attacker can trick the victim to click on a specially crafted link and perform a denial of service (DoS) attack.
14) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2019-5840)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect security UI in popup blocker. A remote attacker can bypass implemented security restrictions.
Remediation
Install update from vendor's website.
References
- https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html
- https://crbug.com/958533
- https://crbug.com/939239
- https://crbug.com/947342
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/
- https://crbug.com/665766
- https://crbug.com/959390
- https://crbug.com/945067
- https://crbug.com/962368
- https://crbug.com/918293
- https://crbug.com/893087
- https://crbug.com/925614
- https://crbug.com/951782