Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html | Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2020/Nov/33 | Mailing List Not Applicable Third Party Advisory |
https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html | Third Party Advisory |
https://crbug.com/1139963 | Exploit Issue Tracking Third Party Advisory |
https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html | Exploit Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL7/ | |
https://security.gentoo.org/glsa/202011-12 | Third Party Advisory |
https://security.gentoo.org/glsa/202012-04 | Third Party Advisory |
https://security.gentoo.org/glsa/202401-19 | |
https://www.debian.org/security/2021/dsa-4824 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
15 Jan 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 03:18
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
28 Jan 2022, 17:40
Type | Values Removed | Values Added |
---|---|---|
First Time |
Freetype freetype
|
|
References | (MISC) https://crbug.com/1139963 - Exploit, Issue Tracking, Third Party Advisory | |
CPE | cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:* |
11 Feb 2021, 19:50
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:* |
|
References | (GENTOO) https://security.gentoo.org/glsa/202012-04 - Third Party Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2020/Nov/33 - Mailing List, Not Applicable, Third Party Advisory | |
References | (MISC) https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html - Exploit, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2021/dsa-4824 - Third Party Advisory |
06 Feb 2021, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
02 Jan 2021, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-11-03 03:15
Updated : 2024-02-15 02:00
NVD link : CVE-2020-15999
Mitre link : CVE-2020-15999
CVE.ORG link : CVE-2020-15999
JSON object : View
Products Affected
freetype
- freetype
debian
- debian_linux
- chrome
opensuse
- backports_sle
fedoraproject
- fedora
CWE
CWE-787
Out-of-bounds Write