HomePentest-Tools.com Logo

Google Chrome Security Updates(stable-channel-update-for-desktop-2017-01)-Windows CVE-2017-5007CVE-2017-5006CVE-2017-5008CVE-2017-5010CVE-2017-5011CVE-2017-5009CVE-2017-5012CVE-2017-5013CVE-2017-5014CVE-2017-5015CVE-2017-5019CVE-2017-5016CVE-2017-5017CVE-2017-5018CVE-2017-5020CVE-2017-5021CVE-2017-5022CVE-2017-5023CVE-2017-5024CVE-2017-5025CVE-2017-5026CVE-2017-5028

Severity
CVSSv3 Score
6.5
Vulnerability description

Google Chrome is prone to multiple vulnerabilities.

Risk description

Multiple flaws exist due to: - Multiple universal XSS errors in Blink component, chrome://apps and chrome://downloads. - An improper access restriction for files in Devtools. - An out of bounds memory access error in WebRTC. - A heap overflow error in V8. - An address spoofing error in Omnibox. - A heap overflow error in Skia. - An use after free error in Renderer. - An UI spoofing error in Blink component. - An uninitialised memory access error in webm video. - An use after free error in Extensions. - The bypass of Content Security Policy in Blink. - A type confusion error in metrics. - A heap overflow error in FFmpeg. - The various fixes from internal audits, fuzzing and other initiatives. - An insufficient data validation in V8 in Google Chrome. Successful exploitation of these vulnerabilities will allow remote attacker to bypass security, execute arbitrary code, cause denial of service and conduct spoofing attacks.

Recommendation

Upgrade to Google Chrome version 56.0.2924.76 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 17, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available