PT-2020-6537 · Google+3 · Google Chrome+3

Mark Brand

·

Published

2020-10-13

·

Updated

2024-06-15

·

CVE-2020-15986

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 86.0.4240.75
Description The issue is caused by an integer overflow in the media component, which can be exploited by a remote attacker to potentially cause heap corruption. This can be achieved via a crafted HTML page.
Recommendations For versions prior to 86.0.4240.75, update to version 86.0.4240.75 or later to resolve the issue.

Fix

Integer Overflow

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-416

Related Identifiers

ALT-PU-2020-3035
ALT-PU-2020-3144
ALT-PU-2021-1157
ALT-PU-2021-1210
ALT-PU-2021-1379
BDU:2021-06071
CVE-2020-15986
DSA-4824-1
OPENSUSE-SU-2020:1705-1
OPENSUSE-SU-2020:1715-1
OPENSUSE-SU-2020:1829-1
OPENSUSE-SU-2020_1705-1
OPENSUSE-SU-2024:10681-1
OPENSUSE-SU-2024:12948-1
RHSA-2020:4235
RHSA-2020_4235

Affected Products

Alt Linux
Google Chrome
Red Hat
Suse