CVE-2020-6462 – chromium-browser: Use after free in task scheduling
https://notcve.org/view.php?id=CVE-2020-6462
Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en task scheduling en Google Chrome versiones anteriores a la versión 81.0.4044.129, permitió a un atacante remoto que había comprometido el proceso de renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada A flaw was found in the Chromium browser. • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_27.html https://crbug.com/1064891 https://security.gentoo.org/glsa/202005-13 https://www.debian.org/security/2020/dsa-4714 https://access.redhat.com/security/cve/CVE-2020-6462 https://bugzilla.redhat.com/show_bug.cgi?id=1828859 • CWE-416: Use After Free •
CVE-2020-6461 – chromium-browser: Use after free in storage
https://notcve.org/view.php?id=CVE-2020-6461
Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en storage en Google Chrome versiones anteriores a la versión 81.0.4044.129, permitió a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML especialmente diseñada. • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_27.html https://crbug.com/1072983 https://security.gentoo.org/glsa/202005-13 https://www.debian.org/security/2020/dsa-4714 https://access.redhat.com/security/cve/CVE-2020-6461 https://bugzilla.redhat.com/show_bug.cgi?id=1828860 • CWE-416: Use After Free •
CVE-2020-12079
https://notcve.org/view.php?id=CVE-2020-12079
Beaker before 0.8.9 allows a sandbox escape, enabling system access and code execution. ... Beaker versiones anteriores a 0.8.9, permite un escape del sandbox, permitiendo acceso al sistema y una ejecución de código. • https://github.com/beakerbrowser/beaker/issues/1519 https://github.com/beakerbrowser/beaker/releases/tag/0.8.9 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVE-2020-6457 – chromium-browser: Use after free in speech recognizer
https://notcve.org/view.php?id=CVE-2020-6457
Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en speech recognizer en Google Chrome versiones anteriores a la versión 81.0.4044.113, permitió a un atacante remoto llevar a cabo potencialmente un escape del sandbox por medio de una página HTML especialmente diseñada. • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_15.html https://crbug.com/1067851 https://www.debian.org/security/2020/dsa-4714 https://access.redhat.com/security/cve/CVE-2020-6457 https://bugzilla.redhat.com/show_bug.cgi?id=1824949 • CWE-416: Use After Free •
CVE-2020-0981 – Microsoft Windows NtFilterToken ParentTokenId Incorrect Setting Privilege Escalation
https://notcve.org/view.php?id=CVE-2020-0981
A security feature bypass vulnerability exists when Windows fails to properly handle token relationships.An attacker who successfully exploited the vulnerability could allow an application with a certain integrity level to execute code at a different integrity level, leading to a sandbox escape.The update addresses the vulnerability by correcting how Windows handles token relationships, aka 'Windows Token Security Feature Bypass Vulnerability'. ... Un atacante que explotara con éxito la vulnerabilidad podría permitir que una aplicación con un determinado nivel de integridad ejecute código con un nivel de integridad diferente, conllevando a un escape del sandbox. • http://packetstormsecurity.com/files/157248/Microsoft-Windows-NtFilterToken-ParentTokenId-Incorrect-Setting-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0981 • CWE-863: Incorrect Authorization •