Unrated severityNVD Advisory· Published Nov 3, 2020· Updated Aug 4, 2024
CVE-2020-16011
CVE-2020-16011
Description
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Affected products
9- osv-coords8 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.1%20NonFreepkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.2%20NonFreepkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP2pkg:rpm/suse/gn&distro=SUSE%20Package%20Hub%2015%20SP2
< 86.0.4240.183-bp151.3.119.1+ 7 more
- (no CPE)range: < 86.0.4240.183-bp151.3.119.1
- (no CPE)range: < 86.0.4240.183-bp151.3.119.1
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 72.0.3815.320-lp152.2.21.1
- (no CPE)range: < 72.0.3815.320-lp152.2.21.1
- (no CPE)range: < 86.0.4240.183-bp151.3.119.1
- (no CPE)range: < 86.0.4240.183-bp152.2.26.1
- (no CPE)range: < 0.1807-bp152.2.3.4
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-11/msg00017.htmlmitrevendor-advisoryx_refsource_SUSE
- www.debian.org/security/2021/dsa-4824mitrevendor-advisoryx_refsource_DEBIAN
- packetstormsecurity.com/files/159975/Chrome-ConvertToJavaBitmap-Heap-Buffer-Overflow.htmlmitrex_refsource_MISC
- chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.htmlmitrex_refsource_MISC
- crbug.com/1144489mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.