HomePentest-Tools.com Logo

Google Chrome Multiple Vulnerabilities-02 Dec15 (Linux) CVE-2015-6788CVE-2015-6789CVE-2015-6790CVE-2015-6791CVE-2015-8548

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Google Chrome is prone to multiple vulnerabilities.

Risk description

Multiple flaws are due to: - The no proper use of HTML entities in function WebPageSerializerImp::openTagToString in WebKit/Source/web/WebPageSerializerImpl.cpp file in the page serializer. - The difference in execution of multiple threads leading to race condition in the mutation implementation. - An improper implementation of handler functions in class ObjectBackedNativeHandler class which is in file extensions/renderer/object_backed_native_handler.cc in the extensions subsystem. Successful exploitation will allow an attacker to cause denial of service or possibly have other impact, to inject arbitrary web script or HTML, bypass the security restrictions and gain access to potentially sensitive information.

Recommendation

Upgrade to Google Chrome version 47.0.2526.80 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 14, 2015
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available