BROWSER-CHROME -- Snort has detected suspicious traffic known to exploit vulnerabilities present in the Chrome browser. These rules are separate from the "browser-webkit" category; while it uses the Webkit rendering engine, there's a lot of other features to create a secondary Chrome category.
BROWSER-CHROME Google Chrome FileReader use after free attempt
This event is generated when Google Chrome's FileReader interface is targeted in a use after free attempt.
Attempted User Privilege Gain
CVE-2019-5786 is a vulnerability in the FileReader interface of the Chrome Browser. The FileReader interface is API that allows browsers read the contents of files stored on a computer. It is in this API that a use-after-free exits that may allow an attacker the ability escape Chromes sandbox and gain the ability to perform remote code execution against a vulnerable system.
This vulnerability has been exploited in the wild.
Ease of Attack:
What To Look For
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2019-5786Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
||Ease of Access||LOW