Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2020-15969

Published: 03/11/2020 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Use after free in WebRTC in Google Chrome before 86.0.4240.75 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

debian debian linux 10.0

fedoraproject fedora 31

fedoraproject fedora 32

fedoraproject fedora 33

opensuse backports sle 15.0

apple ipados

apple safari

apple watchos

apple macos

apple tvos

apple iphone os

Vendor Advisories

Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...
Red Hat: Important: firefox security update
Synopsis Important: firefox security update Type/Severity Security Advisory: Important Topic An update for firefox is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability ...
Red Hat: Important: firefox security update
Synopsis Important: firefox security update Type/Severity Security Advisory: Important Topic An update for firefox is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...
Red Hat: Important: firefox security update
Synopsis Important: firefox security update Type/Severity Security Advisory: Important Topic An update for firefox is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 82 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability ...
Red Hat: Important: firefox security update
Synopsis Important: firefox security update Type/Severity Security Advisory: Important Topic An update for firefox is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...
Red Hat: Critical: chromium-browser security update
Synopsis Critical: chromium-browser security update Type/Severity Security Advisory: Critical Topic An update for chromium-browser is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scor ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...
Red Hat: Important: firefox security update
Synopsis Important: firefox security update Type/Severity Security Advisory: Important Topic An update for firefox is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vul ...
Debian Security Advisories: DSA-4824-1 chromium -- security update
Multiple security issues were discovered in the Chromium web browser, which could result in the execution of arbitrary code, denial of service or information disclosure For the stable distribution (buster), these problems have been fixed in version 870428088-04~deb10u1 We recommend that you upgrade your chromium packages For the detailed sec ...
Debian Security Advisories: DSA-4778-1 firefox-esr -- security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code For the stable distribution (buster), these problems have been fixed in version 7840esr-1~deb10u2 We recommend that you upgrade your firefox-esr packages For the detailed security status of firefox-esr ...
Debian Security Advisories: DSA-4780-1 thunderbird -- security update
Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service For the stable distribution (buster), these problems have been fixed in version 1:7840-1~deb10u1 We recommend that you upgrade your thunderbird packages For the detailed security status of thunderbird please refer to ...
Amazon Linux 2: ALAS2-2020-1572
The Mozilla Foundation Security Advisory describes this flaw as:Mozilla developer reported memory safety bugs present in Firefox 80 and Firefox ESR 782 Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code (CVE-2020-15673) The Mozilla Foundatio ...
Arch Linux Issues:
A use after free security issue has been found in the WebRTC component of the chromium browser before 860424075 ...
Mozilla: Security Vulnerabilities fixed in Firefox 82
Mozilla Foundation Security Advisory 2020-45 Security Vulnerabilities fixed in Firefox 82 Announced October 20, 2020 Impact high Products Firefox Fixed in Firefox 82 ...
Mozilla: Security Vulnerabilities fixed in Firefox ESR 78.4
Mozilla Foundation Security Advisory 2020-46 Security Vulnerabilities fixed in Firefox ESR 784 Announced October 20, 2020 Impact high Products Firefox ESR Fixed in Firefox ESR 784 ...
Mozilla: Security Vulnerabilities fixed in Thunderbird 78.4
Mozilla Foundation Security Advisory 2020-47 Security Vulnerabilities fixed in Thunderbird 784 Announced October 21, 2020 Impact high Products Thunderbird Fixed in Thunderbird 784 ...
Google Chrome: Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 86 to the stable channel for Windows, Mac and Linux This will roll out over the coming days/weeksChrome 860424075 contains a number of fixes and improvements -- a list of changes is available in the log Watch out for upcoming Chrome and Chromium blog pos ...

Mailing Lists

Full Disclosure: APPLE-SA-2020-12-14-5 watchOS 7.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-12-14-5 watchOS 72 watchOS 72 addresses the following issues Information about the security content is also available at supportapplecom/HT212009 CoreAudio Available for: Apple Watch Series 3 and later Impact: Processing a maliciously crafted audio file may lead to arbit ...
Full Disclosure: APPLE-SA-2020-12-14-8 Safari 14.0.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-12-14-8 Safari 1402 Safari 1402 addresses the following issues Information about the security content is also available at supportapplecom/HT212007 WebRTC Available for: macOS Catalina and macOS Mojave Impact: Processing maliciously crafted web content may lead to arbi ...
Full Disclosure: APPLE-SA-2020-12-14-7 tvOS 14.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-12-14-7 tvOS 143 tvOS 143 addresses the following issues Information about the security content is also available at supportapplecom/HT212005 CoreAudio Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted audio file may lead to arbitrary co ...
Full Disclosure: APPLE-SA-2020-12-14-3 macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-12-14-3 macOS Big Sur 111, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave macOS Big Sur 111, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave addresses the following issues Information about the security content is also available at supp ...
Full Disclosure: APPLE-SA-2020-12-14-1 iOS 14.3 and iPadOS 14.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-12-14-1 iOS 143 and iPadOS 143 iOS 143 and iPadOS 143 addresses the following issues Information about the security content is also available at supportapplecom/HT212003 App Store Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod ...

References

CWE-787CWE-416https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop.htmlhttps://crbug.com/1124659http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.htmlhttps://support.apple.com/kb/HT212009https://support.apple.com/kb/HT212007https://support.apple.com/kb/HT212005https://support.apple.com/kb/HT212003https://support.apple.com/kb/HT212011http://seclists.org/fulldisclosure/2020/Dec/30http://seclists.org/fulldisclosure/2020/Dec/29http://seclists.org/fulldisclosure/2020/Dec/24http://seclists.org/fulldisclosure/2020/Dec/27http://seclists.org/fulldisclosure/2020/Dec/26https://www.debian.org/security/2021/dsa-4824https://security.gentoo.org/glsa/202101-30https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4GWCWNHTTYOH6HSFUXPGPBB6J6JYZHZE/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/24QFL4C3AZKMFVL7LVSYMU2DNE5VVUGS/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SC3U3H6AISVZB5PLZLLNF4HMQ4UFFL7M/https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2020:4913https://www.debian.org/security/2021/dsa-4824
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316SQL injectiontype confusionCVE-2024-20697CVE-2024-4344localCVE-2024-30043CVE-2024-3821CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook