Government of the Republic of Trinidad and Tobago

TTCSIRT-220.080619: TT-CSIRT Advisory – Chrome Security Updates

TTCSIRT-220.080619: TT-CSIRT Advisory – Chrome Security Updates

Google has released a security update sting that it has discovered in the following vulnerabilities in Google Chrome:

a) Insufficient checks on filesystem – (CVE-2019-5856).

b) Insufficient filtering of Open URL service parameters – (CVE-2019-5858).

c) Insufficient port filtering in CORS for extensions – (CVE-2019-5864).

d) Integer overflow in PDFium – (CVE-2019-5855).

e) Integer overflow in PDFium text rendering – (CVE-2019-5854).

f) Memory corruption in regexp length check – (CVE-2019-5853).

g) Object leak of utility functions – (CVE-2019-5852).

Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser, obtain sensitive information, bypass security restrictions, perform unauthorized actions or cause denial-of-service conditions.

Further information on these vulnerabilities and how they can be mitigated can be found on the Google Chrome Website at