CVE-2019-5850

Description

Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Risk Information

Base Score

9.6

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS Score

Exploitation Probability

0.356

Associated Vulnerability

Vulnerability	OS Platform
Update Google Chrome (76.0.3809.87) fixed multiple vulnerabilites	Windows
Update Google Chrome (x64) (76.0.3809.87) fixed multiple vulnerabilites	Windows
Multiple vulnerabilities are fixed in Update for Google Chrome For Mac (76.0.3809.87)	Mac
chromium security update(DSA-4500-1) chromium_76.0.3809.100-1~deb10u1_amd64.deb	Linux
Update Google Chrome (76.0.3809.87) fixed multiple vulnerabilites (For Debian)	Linux
Update Google Chrome (76.0.3809.87) fixed multiple vulnerabilites (For Centos)	Linux
Update Google Chrome (76.0.3809.87) fixed multiple vulnerabilites (For RedHat)	Linux
Update Google Chrome (76.0.3809.87) fixed multiple vulnerabilites (For Suse)	Linux
Update Google Chrome (76.0.3809.87) fixed multiple vulnerabilites (For Ubuntu)	Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-310523	Google Chrome (76.0.3809.87)
PATCH-310524	Google Chrome (x64) (76.0.3809.87)
PATCH-609673	Google Chrome for Mac (132.0.6834.83, 132.0.6834.84)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234