Vulnerability Name:

CVE-2020-16011 (CCN-190999)

Assigned:2020-11-02
Published:2020-11-02
Updated:2021-03-11
Summary:Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVSS v3 Severity:9.6 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
8.6 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
7.9 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-787
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2020-16011

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2020:1829

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2020:1831

Source: MISC
Type: Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/159975/Chrome-ConvertToJavaBitmap-Heap-Buffer-Overflow.html

Source: CCN
Type: Google Chrome Releases Web site
Stable Channel Update for Desktop

Source: MISC
Type: Release Notes, Third Party Advisory
https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html

Source: MISC
Type: Permissions Required, Third Party Advisory
https://crbug.com/1144489

Source: XF
Type: UNKNOWN
google-chrome-cve202016011-bo(190999)

Source: CCN
Type: Packet Storm Security [11-9-2020]
Chrome ConvertToJavaBitmap Heap Buffer Overflow

Source: DEBIAN
Type: Third Party Advisory
DSA-4824

Vulnerable Configuration:Configuration 1:
  • cpe:/a:google:chrome:*:*:*:*:*:*:*:* (Version < 86.0.4240.183)
  • AND
  • cpe:/o:microsoft:windows:-:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
  • OR cpe:/a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
  • OR cpe:/o:opensuse:leap:15.1:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:leap:15.2:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:202016011
    V
    		CVE-2020-16011
    2022-06-30
    oval:org.opensuse.security:def:112066
    P
    		chromedriver-93.0.4577.82-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:74683
    P
    		Security update for ImageMagick (Moderate)
    2021-12-10
    oval:org.opensuse.security:def:64818
    P
    		Security update for openssh (Important)
    2021-12-06
    oval:org.opensuse.security:def:64617
    P
    		Security update for postgresql14 (Important)
    2021-11-22
    oval:org.opensuse.security:def:64796
    P
    		Security update for binutils (Moderate)
    2021-11-09
    oval:org.opensuse.security:def:64592
    P
    		Security update for krb5 (Moderate)
    2021-10-18
    oval:org.opensuse.security:def:105615
    P
    		chromedriver-93.0.4577.82-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:63203
    P
    		dpdk-18.11-2.43 on GA media (Moderate)
    2021-09-21
    oval:org.opensuse.security:def:64574
    P
    		Security update for wireshark (Moderate)
    2021-09-13
    oval:org.opensuse.security:def:74658
    P
    		Security update for go1.15 (Moderate)
    2021-08-20
    oval:org.opensuse.security:def:64552
    P
    		Security update for webkit2gtk3 (Important)
    2021-08-03
    oval:org.opensuse.security:def:64710
    P
    		Security update for gstreamer-plugins-bad (Important)
    2021-06-10
    oval:org.opensuse.security:def:64711
    P
    		Security update for salt (Important)
    2021-06-10
    oval:org.opensuse.security:def:63543
    P
    		kernel-default-extra-4.12.14-23.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:64689
    P
    		Security update for graphviz (Critical)
    2021-05-19
    oval:org.opensuse.security:def:64688
    P
    		Security update for ipvsadm (Low)
    2021-05-13
    oval:org.opensuse.security:def:64480
    P
    		Security update for librsvg (Important)
    2021-04-28
    oval:org.opensuse.security:def:64464
    P
    		Security update for ceph (Moderate)
    2021-04-08
    oval:org.opensuse.security:def:100264
    P
    		 (Important)
    2021-04-01
    oval:org.opensuse.security:def:64505
    P
    		Security update for postgresql, postgresql13 (Moderate)
    2021-01-20
    oval:org.opensuse.security:def:63644
    P
    		transfig-3.2.6a-4.6.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:63405
    P
    		apache-commons-fileupload-1.4-1.63 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:64438
    P
    		Security update for python-cryptography (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:64336
    P
    		libjasper4 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63769
    P
    		Security update for libsolv, libzypp, zypper (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:75010
    P
    		Security update for claws-mail (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64977
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:64096
    P
    		Security update for gcc10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:75143
    P
    		Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:63847
    P
    		Security update for strongswan (Important)
    2020-12-01
    oval:org.opensuse.security:def:65089
    P
    		Security update for python-pip (Important)
    2020-12-01
    oval:org.opensuse.security:def:64362
    P
    		libopus0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64230
    P
    		cpio on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63795
    P
    		Security update for jasper (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:75031
    P
    		Security update for hylafax+ (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64122
    P
    		Security update for mailman (Important)
    2020-12-01
    oval:org.opensuse.security:def:75164
    P
    		Security update for opera (Important)
    2020-12-01
    oval:org.opensuse.security:def:74532
    P
    		Security update of chromium (Low)
    2020-12-01
    oval:org.opensuse.security:def:64256
    P
    		gc-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64223
    P
    		c-ares-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64898
    P
    		Security update for zziplib (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63994
    P
    		Security update for dnsmasq (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:74557
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64956
    P
    		Security update for libbsd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64245
    P
    		elfutils on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:65068
    P
    		Security update for u-boot (Important)
    2020-12-01
    oval:org.opensuse.security:def:64920
    P
    		Security update for cpio (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:93551
    P
    		 (Moderate)
    2020-11-19
    oval:org.opensuse.security:def:110307
    P
    		Security update for opera (Important)
    2020-11-17
    oval:org.opensuse.security:def:110859
    P
    		Security update for opera (Important)
    2020-11-17
    oval:org.opensuse.security:def:110282
    P
    		Security update for chromium (Important)
    2020-11-05
    oval:org.opensuse.security:def:103074
    P
    		Security update for chromium, gn (Important)
    2020-11-05
    oval:org.opensuse.security:def:96384
    P
    		Security update for chromium, gn (Important)
    2020-11-05
    oval:org.opensuse.security:def:109731
    P
    		Security update for chromium, gn (Important)
    2020-11-05
    oval:org.opensuse.security:def:100259
    P
    		Security update for chromium (Important)
    2020-11-05
    oval:org.opensuse.security:def:110838
    P
    		Security update for chromium (Important)
    2020-11-05
    oval:org.opensuse.security:def:93546
    P
    		Security update for chromium (Important)
    2020-11-05
    BACK
    google chrome *
    microsoft windows -
    opensuse backports sle 15.0 sp1
    opensuse backports sle 15.0 sp2
    opensuse leap 15.1
    opensuse leap 15.2
    debian debian linux 10.0