Lucene search

K

Kaspersky LabKLA10691

HistoryNov 10, 2015 - 12:00 a.m.

KLA10691 Multiple vulnerabilities in Google Chrome

2015-11-1000:00:00

Kaspersky Lab

threats.kaspersky.com

25

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.035 Low

EPSS

Percentile

91.5%

Detect date:

11/10/2015

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code or obtain sensitive information.

Affected products:

Google Chrome versions earlier than 46.0.2490.86 (All branches)

Solution:

Update to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk.
Get Chrome

Original advisories:

Google Chrome release blog

Impacts:

ACE

Related products:

CVE-IDS:

CVE-2015-76569.3Critical
CVE-2015-76559.3Critical
CVE-2015-76529.3Critical
CVE-2015-76619.3Critical
CVE-2015-76627.8Critical
CVE-2015-76599.3Critical
CVE-2015-76519.3Critical
CVE-2015-76549.3Critical
CVE-2015-76539.3Critical
CVE-2015-76579.3Critical
CVE-2015-80429.3Critical
CVE-2015-76609.3Critical
CVE-2015-76589.3Critical
CVE-2015-13027.5Critical

Exploitation:

Public exploits exist for this vulnerability.

References

feedproxy.google.com/~r/GoogleChromeReleases/~3/ZlDrupADnA4/stable-channel-update.html

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1302

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7651

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7652

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7653

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7654

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7655

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7656

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7657

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7658

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7659

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7660

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7661

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7662

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8042

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/class/Exploit/

threats.kaspersky.com/en/product/Google-Chrome/

www.google.com/chrome/browser/desktop/index.html

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.035 Low

EPSS

Percentile

91.5%

Related for KLA10691

kaspersky1 nessus22 openvas14 altlinux2 redhat2 mageia2 archlinux2 freebsd2 prion18 ubuntucve18 cve18 checkpoint_advisories8 gentoo2 zdi12 zdt1 chrome1 debiancve1 securityvulns1 osv1 debian2