Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-6514

Опубликовано: 22 июл. 2020
Источник: debian

Описание

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
chromiumfixed84.0.4147.89-1experimentalpackage
chromiumfixed87.0.4280.88-0.1package
chromiumend-of-lifestretchpackage
firefoxfixed79.0-1package
firefox-esrfixed68.11.0esr-1package
thunderbirdfixed1:68.11.0-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-6514

  • https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-6514

  • https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-6514

  • https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/#CVE-2020-6514

Связанные уязвимости

ubuntu логотип

CVE-2020-6514

CVSS3: 6.5
ubuntu
больше 5 лет назад

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

redhat логотип

CVE-2020-6514

CVSS3: 6.5
redhat
больше 5 лет назад

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

nvd логотип

CVE-2020-6514

CVSS3: 6.5
nvd
больше 5 лет назад

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

github логотип

GHSA-7vv8-8vrw-6j74

github
больше 3 лет назад

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

fstec логотип

BDU:2021-01749

CVSS3: 5.3
fstec
больше 5 лет назад

Уязвимость реализация WebRTC веб-браузеров Google Chrome, Firefox, Firefox-ESR и почтового клиента Thunderbird, связанная с переполнением буфера кучи, позволяющая нарушителю нарушить целостность данных