Lucene search

K
kasperskyKaspersky LabKLA10846
HistoryJul 20, 2016 - 12:00 a.m.

KLA10846 Multiple vulnerabilities in Google Chrome

2016-07-2000:00:00
Kaspersky Lab
threats.kaspersky.com
35

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.106 Low

EPSS

Percentile

94.9%

Detect date:

07/20/2016

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions, execute arbitrary code or obtain sensitive information.

Affected products:

Google Chrome versions earlier than 52.0.2743.82 (All branches)

Solution:

Update to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk.
Get Google Chrome

Original advisories:

Google Chrome realases blog

Impacts:

OSI

Related products:

Google Chrome

CVE-IDS:

CVE-2016-51374.3Warning
CVE-2016-51366.8High
CVE-2016-51354.3Warning
CVE-2016-51344.3Warning
CVE-2016-51334.3Warning
CVE-2016-51326.8High
CVE-2016-51316.8High
CVE-2016-51304.3Warning
CVE-2016-51296.8High
CVE-2016-51286.8High
CVE-2016-51276.8High
CVE-2016-17116.8High
CVE-2016-17106.8High
CVE-2016-17096.8High
CVE-2016-17086.8High
CVE-2016-17074.3Warning
CVE-2016-17069.3Critical
CVE-2016-17056.8High

References

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.106 Low

EPSS

Percentile

94.9%