Show filters

Showing topic results for "CVE-2019-13720":

(1-2 of 2)

Sort by:
Attacker Value
Very High

Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium

Disclosure Date: October 10, 2019 (last updated October 13, 2020)
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights. Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
1
Attacker Value
High

CVE-2019-1458

Disclosure Date: December 10, 2019 (last updated July 24, 2020)
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.