BROWSER-CHROME -- Snort has detected suspicious traffic known to exploit vulnerabilities present in the Chrome browser. These rules are separate from the "browser-webkit" category; while it uses the Webkit rendering engine, there's a lot of other features to create a secondary Chrome category.
BROWSER-CHROME Google Chrome FileReader use after free attempt
This event is generated when Google Chrome's FileReader interface is targeted in a use after free attempt. Impact: Attempted User Privilege Gain Details: CVE-2019-5786 is a vulnerability in the FileReader interface of the Chrome Browser. The FileReader interface is API that allows browsers read the contents of files stored on a computer. It is in this API that a use-after-free exits that may allow an attacker the ability escape Chromes sandbox and gain the ability to perform remote code execution against a vulnerable system. This vulnerability has been exploited in the wild. Ease of Attack:
This event is generated when Google Chrome's FileReader interface is targeted in a use after free attempt.
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE::ATT&CK Framework::Enterprise::Execution::User Execution::Malicious File
MITRE::ATT&CK Framework::Enterprise::Initial Access::Drive-by Compromise
Use After Free
Use After Free (UAF) attacks target computer memory flaws to corrupt the memory execute code. The name refers to attempts to use memory after it has been freed, which can cause a program to crash under normal circumstances, or result in remote code execution in a successful attack.
CVE-2019-5786 |
Loading description
|