Multiple Adobe Products Vulnerabilities
July 26, 2024CrowdStrike Alerts Users to New Phishing Scheme Aimed at Germany – Active IOCs
July 26, 2024Multiple Adobe Products Vulnerabilities
July 26, 2024CrowdStrike Alerts Users to New Phishing Scheme Aimed at Germany – Active IOCs
July 26, 2024Severity
Medium
Analysis Summary
CVE-2024-6999 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in FedCM. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2024-6995 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Fullscreen. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2024-7004 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient validation of untrusted input in Safe Browsing. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2024-6993 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Canvas. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2024-7001 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in HTML. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2024-7003 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in FedCM. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2024-7005 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient validation of untrusted input in Safe Browsing. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
Impact
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-6999
- CVE-2024-6995
- CVE-2024-7004
- CVE-2024-6993
- CVE-2024-7001
- CVE-2024-7003
- CVE-2024-7005
Affected Vendors
Affected Products
- Google Chrome 127.0
Remediation
Upgrade to the latest version of Google Chrome, available from the Google Chrome Releases Website.