Welcome to our weekly review of recently disclosed vulnerabilities. The latest overview includes multiple flaws in Google Chrome, Avast Antivirus, Apache HTTP Server, Tor Browser, and more.
Google has released security patches to address several dangerous vulnerabilities (CVE-2020-6450, CVE-2020-6451, CVE-2020-6452) in the Chrome browser (versions for Windows, macOS, and Linux), the most severe of which could allow a remote attacker to execute arbitrary code and take over a target system. CVE-2020-6450 and CVE-2020-6451 are use-after-free bugs in WebAudio, while CVE-2020-6452 is a heap buffer overflow in media.
Antivirus maker Avast has addressed numerous vulnerabilities in its Avast Antivirus software, including four bugs that could be used to remotely gain unauthorized access to otherwise restricted functionality. Other issues the company has fixed could be exploited to cause a denial-of-service (DoS) condition or to escalate privileges on the system.
Sonatype Nexus Repository Manager contains three vulnerabilities, two of which (CVE-2020-10199, CVE-2020-10204) can be exploited to remotely execute arbitrary code on the target system by sending a specially crafted request. The third one (CVE-2020-10203) is a low-severity issue that allows cross-site scripting (XSS) attacks.
The Apache HTTP Server web server software has two flaws that an attacker could use to access sensitive data or to redirect victims to an arbitrary URL.
Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 22.214.171.124, 126.96.36.199, 4.00.00.00 contain a high-risk stack-based buffer overflow vulnerability (CVE-2020-5344). An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.
The Tor Project has released Tor 0.4.3.3-alpha, which fixes several bugs, including a major denial-of-service vulnerability (CVE-2020-10592) that affected all released Tor instances since 0.2.1.5-alpha. Using this vulnerability, an attacker could cause Tor instances to consume a huge amount of CPU, disrupting their operations for several seconds or minutes. This attack could be launched by anybody against a relay, or by a directory cache against any client that had connected to it.
Also this week, a vulnerability came to light in the Zoom client for Windows that could allow attackers to steal the Windows login credentials of users who click on a link. The vulnerability exists because the Zoom client for Windows automatically processes comments in chat and converts URLs with UNC paths into links. A remote attacker can trick the victim into following such a link and gain access to the NTLM credentials sent by the victim's system.