The Indian Computer Emergency Response Team (CERT-In), which comes under the IT Ministry, has warned users of multiple vulnerabilities in Google Chrome which could allow a remote attacker to execute arbitrary code and denial-of-service (DoS) conditions on the targeted system.
A remote attacker could exploit these vulnerabilities by sending specially crafted requests on the targeted system “Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code and denial-of-service (DoS) conditions on the targeted system,” said CERT-In the advisory late on Wednesday.
CERT-In also advised users against a ‘Remote Code Execution’ vulnerability that has been reported in a Zoho Corporation software which could be exploited by an unauthenticated remote attacker to execute arbitrary code on the targeted system.
This vulnerability exists in ‘Zoho ManageEngine ADAudit Plus’ due to a ‘misconfigured XML’ parser that processes user-supplied input without sufficient validation.
“Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to execute arbitrary code on the targeted system,” warned the cyber agency, advising users to upgrade to the latest Zoho ‘ManageEngine ADAudit Plus’ security build update. Awaz The Voice