PT-2019-4141 · Google+2 · Google Chrome+2

Mohamed Ouad

Publicado

2013-11-15

Atualizado

2020-08-24

CVE-2019-15684

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Kaspersky Protection extension for Google Chrome versions prior to 30.112.62.0

Description The issue is related to improper authorization in the Kaspersky Protection extension for Google Chrome, allowing unauthorized access to its features. This could lead to the removal of other installed extensions by a remote attacker.

Recommendations For versions prior to 30.112.62.0, update to version 30.112.62.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the extension's features until the update is applied.

Correção

Incorrect Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-863

Identificadores relacionados

ALT-PU-2013-1119

BDU:2019-04721

CVE-2019-15684

Produtos afetados

Alt Linux

Google Chrome

Kaspersky Protection Extension

PT-2019-4141 · Google+2 · Google Chrome+2

CVE-2019-15684

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6