5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.071 Low
EPSS
Percentile
93.9%
09/21/2015
Critical
Google Chrome was updated to address vulnerabilities in Flash Player. For details look at KLA10670.
Google Chrome versions earlier than 45.0.2454.99 (all branches)
Update to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk.
Get Chrome
ACE
Public exploits exist for this vulnerability.
googlechromereleases.blogspot.ru/2015/09/stable-channel-refresh.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+GoogleChromeReleases+(Google+Chrome+Releases)
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5571
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5572
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5576
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6679
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Google-Chrome/
www.google.com/chrome/browser/desktop/index.html