PT-2019-4141 · Google+2 · Google Chrome+2

Mohamed Ouad

Published

2013-11-15

Updated

2020-08-24

CVE-2019-15684

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Kaspersky Protection extension for Google Chrome versions prior to 30.112.62.0

Description The issue is related to improper authorization in the Kaspersky Protection extension for Google Chrome, allowing unauthorized access to its features. This could lead to the removal of other installed extensions by a remote attacker.

Recommendations For versions prior to 30.112.62.0, update to version 30.112.62.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the extension's features until the update is applied.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

ALT-PU-2013-1119

BDU:2019-04721

CVE-2019-15684

Affected Products

Alt Linux

Google Chrome

Kaspersky Protection Extension

PT-2019-4141 · Google+2 · Google Chrome+2

CVE-2019-15684

Weakness Enumeration

Related Identifiers

Affected Products

References · 6