Lucene search

K

Kaspersky LabKLA10463

HistoryMar 03, 2015 - 12:00 a.m.

KLA10463 Multiple vulnerabilities in Google Chrome

2015-03-0300:00:00

Kaspersky Lab

threats.kaspersky.com

23

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.044 Low

EPSS

Percentile

92.2%

Detect date:

03/03/2015

Severity:

Critical

Description:

Multiple critical vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or inject arbitrary code.

Affected products:

Google Chrome versions earlier than 41.0.2272.76

Solution:

Update to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk.

Original advisories:

Google blog entry

Impacts:

DoS

Related products:

CVE-IDS:

CVE-2015-12237.5Critical
CVE-2015-12227.5Critical
CVE-2015-12187.5Critical
CVE-2015-12307.5Critical
CVE-2015-12277.5Critical
CVE-2015-12265.0Critical
CVE-2015-12255.0Critical
CVE-2015-12245.0Critical
CVE-2015-12217.5Critical
CVE-2015-12137.5Critical
CVE-2015-12127.5Critical
CVE-2015-12287.5Critical
CVE-2015-12295.0Critical
CVE-2015-12147.5Critical
CVE-2015-12206.8High
CVE-2015-12197.5Critical
CVE-2015-12177.5Critical
CVE-2015-12157.5Critical
CVE-2015-12167.5Critical

References

googlechromereleases.blogspot.ru/2015/03/stable-channel-update.html

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1212

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1213

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1214

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1215

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1216

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1217

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1218

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1219

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1220

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1221

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1222

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1223

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1224

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1225

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1226

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1227

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1228

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1229

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1230

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/product/Google-Chrome/

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.044 Low

EPSS

Percentile

92.2%

Related for KLA10463

threatpost1 redhat2 nessus16 freebsd2 openvas14 suse2 archlinux2 mageia2 gentoo2 securityvulns3 ubuntu2 chrome2 ubuntucve20 zdi1 cve20 debiancve20 prion20 kitploit1