The Latest in IT Security

Google Patches Several Chrome Flaws That Can Be Exploited via Malicious Extensions

04
Aug
2021
Google Patches Several Chrome Flaws That Can Be Exploited via Malicious Extensions

image credit: pixabay

Researchers Leecraso and Guang Gong of the 360 Alpha Lab team at Chinese cybersecurity firm Qihoo 360 have earned $20,000 for a high-severity vulnerability tracked as CVE-2021-30590. Google described the issue as a heap buffer overflow in Bookmarks.

Leecraso told SecurityWeek that CVE-2021-30590 is a sandbox escape vulnerability that can be “exploited in combination with an extension or a compromised renderer.” An attacker can leverage the flaw to achieve remote code execution outside Chrome’s sandbox.

Related posts:
  1. Google Chrome Bugs Open Browsers to Attack
  2. Google Patches Actively Exploited Chrome Vulnerabilities
  3. Threat and vulnerability management market revenue to reach $5.3 billion
  4. Silver Bullets to Address Emerging Threats and Maintain Your Security Posture
  5. Google patches Chrome bug from fizzled Pwn2Own hack

Read More

Tags:  
Written by Feedproxy
0 Comments
Comments are closed.

Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments