Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2020-16044

Published: 09/02/2021 Updated: 21/07/2021
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Google

Vulnerability Summary

Use after free in WebRTC in Google Chrome before 88.0.4324.96 allowed a remote malicious user to potentially exploit heap corruption via a crafted SCTP packet.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

Vendor Advisories

Debian CVElist Bug Report Logs: chromium: 88.0.4324.96 stable release
Debian Bug report logs - #980564 chromium: 880432496 stable release Package: src:chromium; Maintainer for src:chromium is Debian Chromium Team <chromium@packagesdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 20 Jan 2021 16:15:01 UTC Severity: grave Tags: security, upstream Found in ...
Debian Security Advisories: DSA-4842-1 thunderbird -- security update
Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or an information leak For the stable distribution (buster), these problems have been fixed in version 1:7870-1~deb10u1 We recommend that you upgrade your thunderbird packages For the detailed security status of thunder ...
Debian Security Advisories: DSA-4827-1 firefox-esr -- security update
A security issue was found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code For the stable distribution (buster), this problem has been fixed in version 7861esr-1~deb10u1 We recommend that you upgrade your firefox-esr packages For the detailed security status of firefox-esr please refer to i ...
Debian Security Advisories: DSA-4846-1 chromium -- security update
Several vulnerabilities have been discovered in the chromium web browser CVE-2020-16044 Ned Williamson discovered a use-after-free issue in the WebRTC implementation CVE-2021-21117 Rory McNamara discovered a policy enforcement issue in Cryptohome CVE-2021-21118 Tyler Nighswander discovered a data validation issue in the v8 javas ...
Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...
Red Hat: Critical: thunderbird security update
Synopsis Critical: thunderbird security update Type/Severity Security Advisory: Critical Topic An update for thunderbird is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base s ...
Red Hat: Critical: thunderbird security update
Synopsis Critical: thunderbird security update Type/Severity Security Advisory: Critical Topic An update for thunderbird is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base s ...
Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...
Red Hat: Critical: thunderbird security update
Synopsis Critical: thunderbird security update Type/Severity Security Advisory: Critical Topic An update for thunderbird is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Sc ...
Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring Sy ...
Red Hat: Critical: thunderbird security update
Synopsis Critical: thunderbird security update Type/Severity Security Advisory: Critical Topic An update for thunderbird is now available for Red Hat Enterprise Linux 82 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Sc ...
Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 82 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring Sy ...
Amazon Linux 2: ALAS2-2021-1594
A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a use-after-free We presume that with enough effort it could have been exploited to run arbitrary code (CVE-2020-16044) ...
Mozilla: Security Vulnerabilities fixed in Firefox 84.0.2, Firefox for Android 84.1.3, and Firefox ESR 78.6.1
Mozilla Foundation Security Advisory 2021-01 Security Vulnerabilities fixed in Firefox 8402, Firefox for Android 8413, and Firefox ESR 7861 Announced January 6, 2021 Impact critical Products Firefox, Firefox ESR, Firefox for Android Fi ...
Mozilla: Security Vulnerabilities fixed in Thunderbird 78.6.1
Mozilla Foundation Security Advisory 2021-02 Security Vulnerabilities fixed in Thunderbird 7861 Announced January 11, 2021 Impact critical Products Thunderbird Fixed in Thunderbird 7861 ...
Arch Linux Issues:
A security issue was found in Firefox before 8402 A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a use-after-free Mozilla presumes that with enough effort it could have been exploited to run arbitrary code ...
Google Chrome: Stable Channel Update for Desktop
 The Chrome team is delighted to announce the promotion of Chrome 88 to the stable channel for Windows, Mac and Linux This will roll out over the coming days/weeksChrome 880432496 (for Mac and Linux) and 8804324104 for windows contains a number of fixes and improvements -- a list of changes is available in the log Watch out for u ...

Recent Articles

Microsoft emits 83 security fixes – and miscreants are already exploiting one of the vulns in Windows Defender
The Register • Thomas Claburn in San Francisco • 12 Jan 2021

Redmond keeps us hanging with on-premises Exchange flaw still to be fixed Patch Tuesday brings bug fixes for OpenSSL, IBM, SAP, Kubernetes, Adobe, and Red Hat. And Microsoft, of course

Patch Tuesday Microsoft on Tuesday released updates addressing 83 vulnerabilities in its software, which doesn't include the 13 flaws fixed in its Edge browser last week. That's up from 58 repairs made in December, 2020, a relatively light month by recent standards. Affected applications include: Microsoft Windows, Microsoft Edge (EdgeHTML-based), Microsoft Office and Microsoft Office Services and Web Apps, Microsoft Windows Codecs Library, Visual Studio, SQL Server, Microsoft Malware Protection...

Read more...

References

CWE-787CWE-416https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.htmlhttps://crbug.com/1163228https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980564https://nvd.nist.govhttps://www.debian.org/security/2021/dsa-4842
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook