Описание
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 5 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 6 | firefox | Fixed | RHSA-2020:4330 | 26.10.2020 |
| Red Hat Enterprise Linux 6 | thunderbird | Fixed | RHSA-2020:4947 | 05.11.2020 |
| Red Hat Enterprise Linux 6 Supplementary | chromium-browser | Fixed | RHSA-2020:4235 | 13.10.2020 |
| Red Hat Enterprise Linux 7 | firefox | Fixed | RHSA-2020:4310 | 22.10.2020 |
| Red Hat Enterprise Linux 7 | thunderbird | Fixed | RHSA-2020:4909 | 04.11.2020 |
| Red Hat Enterprise Linux 8 | firefox | Fixed | RHSA-2020:4317 | 22.10.2020 |
| Red Hat Enterprise Linux 8 | thunderbird | Fixed | RHSA-2020:4913 | 04.11.2020 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | firefox | Fixed | RHSA-2020:4311 | 22.10.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
8.8 High
CVSS3
Связанные уязвимости
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowe ...
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Уязвимость реализации технологии WebRTC программных средств Google Chrome, Firefox, Firefox-ESR и Thunderbird, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
8.8 High
CVSS3