![]() ![]() Google has paid out a total of $40,000 in rewards to Man Yue Mo of Semmle for both the vulnerabilities-$20,000 for CVE-2019-13687 and $20,000 for CVE-2019-13688-while the bug bounties for the remaining two vulnerabilities are yet to be decided. Use-after-free in offline pages (CVE-2019-13686) - Reported by Brendon Tiszka.Use-after-free in media (CVE-2019-13687) - Reported by Man Yue Mo of Semmle Security Research Team. ![]() Use-after-free in media (CVE-2019-13688) - Reported by Man Yue Mo of Semmle Security Research Team.Use-after-free in UI (CVE-2019-13685) - Reported by Khalil Zhani.The use-after-free vulnerability is a class of memory corruption issue that allows corruption or modification of data in the memory, enabling an unprivileged user to escalate privileges on an affected system or software. For now, Chrome security team has only revealed that all four vulnerabilities are use-after-free issues in different components of the web browser, as mentioned below, the critical of which could lead to remote code execution attacks. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |