PT-2019-5132 · Google+3 · Google Chrome+3

Khalil Zhani

Publicado

2019-12-10

Atualizado

2024-06-15

CVE-2019-13761

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 79.0.3945.79

Description The issue is related to incorrect security UI in Omnibox, allowing a remote attacker to perform domain spoofing via IDN homographs using a crafted domain name. It is also associated with an insufficient input validation mechanism, which can be exploited by a remote attacker to impact data integrity using a crafted HTML page.

Recommendations For versions prior to 79.0.3945.79, update to version 79.0.3945.79 or later to resolve the issue.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

ALT-PU-2019-3331

ALT-PU-2020-1050

ALT-PU-2020-1707

ALT-PU-2020-2441

BDU:2020-01799

CVE-2019-13761

DSA-4606-1

MGASA-2020-0078

OPENSUSE-SU-2019:2692-1

OPENSUSE-SU-2019:2694-1

OPENSUSE-SU-2019_2692-1

OPENSUSE-SU-2024:10681-1

OPENSUSE-SU-2024:12948-1

RHSA-2019:4238

RHSA-2019_4238

Produtos afetados

Alt Linux

Google Chrome

Red Hat

Suse

PT-2019-5132 · Google+3 · Google Chrome+3

CVE-2019-13761

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2348