Multiple Google Chrome Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-7282 CVSS:4.3

Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Navigation. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2023-7281 CVSS:4.3

Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Compositing. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2018-20072 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient data validation in PDF. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

Impact

Security Bypass

Indicators of Compromise

CVE

CVE-2023-7282
CVE-2023-7281
CVE-2018-20072

Affected Vendors

Google

Affected Products

Google Chrome - 113.0
Google Chrome - 113.0.5672.63
Google Chrome - 119.0
Google Chrome - 119.0.6045.105
Google Chrome - 73.0
Google Chrome - 73.0.3683.75

Remediation

Upgrade to the latest version of Google Chrome, available from the Google Chrome Releases Website.

CVE-2023-7282

CVE-2023-7281

CVE-2018-20072

Multiple Adobe Products Vulnerabilities

New HTML Smuggling Campaign Targets Russian Users with DCRat Malware – Active IOCs

Multiple Google Chrome Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan