Kaspersky LabKLA11257KLA11257 Multiple vulnerabilities in Google Chrome
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.296 Low
EPSS
Percentile
96.8%
Detect date:
05/29/2018
Severity:
Critical
Description:
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities possibly to execute arbitrary code, cause denial of service, perform cross-site scripting attacks, obtain sensitive information, spoof user interface, bypass security restrictions and perform unspecified attacks.
Affected products:
Google Chrome earlier than 67.0.3396.62
Solution:
Update to latest version.
Download Google Chrome
Original advisories:
Stable Channel Update for Desktop
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2018-61234.3Warning
CVE-2018-61246.8High
CVE-2018-61266.8High
CVE-2018-61276.8High
CVE-2018-61284.3Warning
CVE-2018-61294.3Warning
CVE-2018-61304.3Warning
CVE-2018-61316.8High
CVE-2018-61324.3Warning
CVE-2018-61334.3Warning
CVE-2018-61344.3Warning
CVE-2018-61354.3Warning
CVE-2018-61364.3Warning
CVE-2018-61374.3Warning
CVE-2018-61385.8High
CVE-2018-61396.8High
CVE-2018-61409.3Critical
CVE-2018-61416.8High
CVE-2018-61424.3Warning
CVE-2018-61434.3Warning
CVE-2018-61446.8High
CVE-2018-61454.3Warning
CVE-2018-61472.1Warning
Exploitation:
Public exploits exist for this vulnerability.
References
chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6123
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6124
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6126
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6127
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6128
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6129
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6130
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6131
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6132
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6133
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6134
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6135
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6136
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6137
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6138
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6139
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6140
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6141
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6142
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6143
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6144
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6145
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6147
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Google-Chrome/
www.google.com/chrome/browser/desktop/
Related
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.296 Low
EPSS
Percentile
96.8%