Lucene search

K

Kaspersky LabKLA10703

HistoryDec 01, 2015 - 12:00 a.m.

KLA10703 Multiple vulnerabilities in Google Chrome

2015-12-0100:00:00

Kaspersky Lab

threats.kaspersky.com

19

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.4%

Detect date:

12/01/2015

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions or execute arbitrary code.

Affected products:

Google Chrome versions earlier than 47.0.2526.73 (all branches)

Solution:

Update to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk.
Get Chrome

Original advisories:

Google releases blog entry

Impacts:

ACE

Related products:

CVE-IDS:

Exploitation:

Public exploits exist for this vulnerability.

References

googlechromereleases.blogspot.ru/2015/12/stable-channel-update.html

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6764

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6766

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6767

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6768

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6769

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6770

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6771

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6772

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6773

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6774

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6775

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6776

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6777

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6778

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6779

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6780

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6781

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6782

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6783

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6784

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6785

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6786

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8478

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8479

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/product/Google-Chrome/

www.google.com/chrome/browser/desktop/index.html

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.4%

Related for KLA10703

prion1 debiancve1 cve1 ubuntucve1 nessus9 openvas9 ubuntu1 osv1 debian2 mageia1 archlinux1 threatpost1 redhat1 chrome1 freebsd1 suse2 gentoo1