Lucene search
Veracode Vulnerability DatabaseVERACODE:42557HistoryAug 07, 2023 - 1:17 a.m.
Privilege Escalation
2023-08-0701:17:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
chromium
privilege escalation
vulnerability
insufficient data validation
library
attacker
symbolic link
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
10.0%
chromium is vulnerable to Privilege Escalation. The vulnrability exists due to the insufficient data validation in Installer of the library, which allows an attacker to perform privilege escalation via malliciously crafted symbolic link.
Related
prion
prion
Input validation
2023-05-30 22:15:00
nvd
nvd
CVE-2023-2939
2023-05-30 22:15:10
debiancve
debiancve
CVE-2023-2939
2023-05-30 22:15:10
ubuntucve
ubuntucve
CVE-2023-2939
2023-05-30 00:00:00
cve
cve
CVE-2023-2939
2023-05-30 22:15:10
cnvd
cnvd
Google Chrome Installer Component Security Bypass Vulnerability
2023-05-31 00:00:00
osv
osv
CVE-2023-2939
2023-05-30 22:15:10
chromium - security update
2023-06-03 00:00:00
mscve
mscve
Chromium: CVE-2023-2939 Insufficient data validation in Installer
2023-06-02 07:00:00
cvelist
cvelist
CVE-2023-2939
2023-05-30 21:31:41
nessus
nessus
FreeBSD : chromium -- multiple vulnerabilities (fd87a250-ff78-11ed-8290-a8a1599412c6)
2023-05-31 00:00:00
Google Chrome < 114.0.5735.90 Multiple Vulnerabilities
2023-05-30 00:00:00
Google Chrome < 114.0.5735.90 Multiple Vulnerabilities
2023-05-30 00:00:00
openvas
openvas
debian
debian
[SECURITY] [DSA 5418-1] chromium security update
2023-06-03 14:12:04
freebsd
freebsd
chromium -- multiple vulnerabilities
2023-05-30 00:00:00
kaspersky
kaspersky
KLA49377 Multiple vulnerabilities in Microsoft Browser
2023-06-02 00:00:00
KLA49331 Multiple vulnerabilities in Google Chrome
2023-05-30 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2023-05-30 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - June 2023
2023-06-13 20:49:27
gentoo
gentoo
QtWebEngine: Multiple Vulnerabilities
2023-11-25 00:00:00
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2024-01-31 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
10.0%
Related for VERACODE:42557