March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Adobe Products Vulnerabilities
September 30, 2024New HTML Smuggling Campaign Targets Russian Users with DCRat Malware – Active IOCs
September 30, 2024Multiple Adobe Products Vulnerabilities
September 30, 2024New HTML Smuggling Campaign Targets Russian Users with DCRat Malware – Active IOCs
September 30, 2024
Severity
Medium
Analysis Summary
CVE-2023-7282 CVSS:4.3
Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Navigation. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2023-7281 CVSS:4.3
Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Compositing. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2018-20072 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient data validation in PDF. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
Impact
- Security Bypass
Indicators of Compromise
CVE
- CVE-2023-7282
- CVE-2023-7281
- CVE-2018-20072
Affected Vendors
Google
Affected Products
- Google Chrome - 113.0
- Google Chrome - 113.0.5672.63
- Google Chrome - 119.0
- Google Chrome - 119.0.6045.105
- Google Chrome - 73.0
- Google Chrome - 73.0.3683.75
Remediation
Upgrade to the latest version of Google Chrome, available from the Google Chrome Releases Website.