HomePentest-Tools.com Logo

Google Chrome Security Updates(stable-channel-update-for-desktop-2017-10)-Linux CVE-2017-5124CVE-2017-5125CVE-2017-5126CVE-2017-5127CVE-2017-5128CVE-2017-5129CVE-2017-5132CVE-2017-5130CVE-2017-5131CVE-2017-5133CVE-2017-15386CVE-2017-15387CVE-2017-15388CVE-2017-15389CVE-2017-15390CVE-2017-15391CVE-2017-15392CVE-2017-15393CVE-2017-15394CVE-2017-15395CVE-2017-15401

Severity
CVSSv3 Score
8.8
Vulnerability description

Google Chrome is prone to multiple vulnerabilities.

Risk description

Multiple flaws exist due to: - An input validation error in MHTML. - A memory corruption bug in WebAssembly. - Multiple heap overflow errors in Skia, WebGL and libxml2. - Multiple use after free errors in PDFium and WebAudio. - An incorrect stack manipulation in WebAssembly. - Multiple Out of bounds read and write errors in Skia. - UI spoofing in Blink. - Content security bypass. - Multiple URL spoofing errors in OmniBox. - An extension limitation bypass in Extensions. - An incorrect registry key handling in PlatformIntegration. - Referrer leak in Devtools. - URL spoofing in extensions UI. - Null pointer dereference error in ImageCapture. - Various fixes from internal audits, fuzzing and other initiatives. Successful exploitation of these vulnerabilities will allow remote attackers to execute arbitrary script, conduct spoofing attack, corrupt memory, bypass security and cause denial of service condition.

Recommendation

Upgrade to Google Chrome version 62.0.3202.62 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 7, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available