Chrome code execution execution – CVE-2019-5869
- Google Chrome versions prior to 76.0.3809.132
A vulnerability has been discovered in Google Chrome, which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.
This vulnerability is a use-after-free vulnerability in Blink that can be exploited if a user visits, or is redirected to, a specially crafted web page.
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the browser, obtain sensitive information, bypass security restrictions and perform unauthorized actions, or cause denial-of-service conditions.
- Update to the latest stable version of Chrome
@Office of Information Technology Services
The information provided herein is on “as is” basis, without warranty of any kind.