Kaspersky LabKLA10617KLA10617 Bypass security restrictions vulnerabilities in Google Chrome
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
78.6%
Detect date:
06/22/2015
Severity:
Warning
Description:
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions.
Affected products:
Google Chrome versions earlier than 43.0.2357.130 (All branches)
Solution:
Update to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk.
Get Google Chrome
Original advisories:
Impacts:
SB
Related products:
CVE-IDS:
CVE-2015-12665.0Critical
CVE-2015-12675.0Critical
CVE-2015-12685.0Critical
CVE-2015-12694.3Warning
References
googlechromereleases.blogspot.ru/2015/06/chrome-stable-update.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+GoogleChromeReleases+(Google+Chrome+Releases)
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Google-Chrome/
www.google.com/chrome/browser/desktop/index.html
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
78.6%