Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable9202.PASL
HistoryApr 05, 2016 - 12:00 a.m.

Google Chrome < 49.0.2623.75 Multiple Vulnerabilities

2016-04-0500:00:00
Tenable
www.tenable.com
12
JSON

The version of Google Chrome installed on the remote host is prior to 49.0.2623.75, and is affected by multiple vulnerabilities :

  • Multiple overflow conditions exist in the libpng library in the ‘png_set_PLTE()’ and ‘png_get_PLTE()’ functions due to improper handling of bit depths less than eight. A remote attacker can exploit this, via a specially crafted PNG image, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-8126)
  • An unspecified flaw exists in Blink that allows an attacker to bypass the same-origin policy. (CVE-2016-1630)
  • An unspecified flaw exists in the Pepper plugin that allows an attacker to bypass the same-origin policy. (CVE-2016-1631)
  • A bad cast flaw exists in the Extensions component that allows an attacker to have an unspecified impact. (CVE-2016-1632)
  • Multiple use-after-free errors exist in Blink. A remote attacker can exploit these issues to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1633, CVE-2016-1634, CVE-2016-1635)
  • An unspecified flaw exists that allows an attacker to bypass SRI validation. (CVE-2016-1636)
  • An unspecified flaw exists that allows an attacker to disclose sensitive information. (CVE-2016-1637)
  • An unspecified flaw exists that allows an attacker to bypass the webAPI. (CVE-2016-1638)
  • A use-after-free error exists in WebRTC. A remote attacker can exploit this issue to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1639)
  • An unspecified origin confusion flaw exists in the Extensions UI that allows an attacker to have an unspecified impact. (CVE-2016-1640)
  • A use-after-free error exists in Favicon. A remote attacker can exploit this issue to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1641)
  • Multiple flaws exist that allow a remote attacker to execute arbitrary code. (CVE-2016-1642)
  • Multiple unspecified flaws exist in Google V8 in ‘runetime-scopes.cc’ that allows an attacker to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-2843)
  • A bad cast flaw in ‘layout/LayoutBlock.cpp’ that is triggered as anonymous block wrappers are not properly removed from inline children allowing a context-dependent attacker to execute arbitrary code. (CVE-2016-2844)
  • A flaw that is triggered as the path component of the URL is not properly validated when handling a response fetched via ServiceWoker. (CVE-2016-2845)
Binary data 9202.pasl
VendorProductVersionCPE
googlechromecpe:/a:google:chrome

Related

nessus 49
openvas 25
suse 6
debian 3
archlinux 4
osv 2
chrome 1
redhat 2
freebsd 2
kaspersky 1
ubuntu 1
mageia 2
cve 17
prion 17
ubuntucve 18
debiancve 18
seebug 3
veracode 2
fedora 13
f5 4
amazon 1
ibm 4
slackware 2
oraclelinux 1
centos 1
nessus
nessus
Google Chrome < 49.0.2623.75 Multiple Vulnerabilities (Mac OS X)
2016-03-04 00:00:00
Google Chrome < 49.0.2623.75 Multiple Vulnerabilities
2016-03-04 00:00:00
RHEL 6 : chromium-browser (RHSA-2016:0359)
2016-03-07 00:00:00
openvas
openvas
Google Chrome Multiple Vulnerabilities Mar16 (Linux)
2016-03-08 00:00:00
Google Chrome Multiple Vulnerabilities Mar16 (Windows)
2016-03-08 00:00:00
Google Chrome Multiple Vulnerabilities Mar16 (Mac OS X)
2016-03-08 00:00:00
suse
suse
Security update for Chromium (important)
2016-03-06 17:12:11
Security update for Chromium (important)
2016-03-08 11:12:27
Security update for Chromium (important)
2016-03-06 17:11:45
debian
debian
[SECURITY] [DSA 3507-1] chromium-browser security update
2016-03-05 21:22:56
[SECURITY] [DSA 3507-1] chromium-browser security update
2016-03-05 21:22:56
[SECURITY] [DSA 3399-1] libpng security update
2015-11-18 19:55:41
archlinux
archlinux
chromium: multiple issues
2016-03-03 00:00:00
libpng: buffer overflow
2015-12-28 00:00:00
libpng: multiple issues
2015-11-17 00:00:00
osv
osv
chromium-browser - security update
2016-03-05 00:00:00
libpng - security update
2015-11-18 00:00:00
chrome
chrome
Stable Channel Update
2016-03-02 00:00:00
redhat
redhat
(RHSA-2016:0359) Important: chromium-browser security update
2016-03-07 00:00:00
(RHSA-2015:2596) Moderate: libpng security update
2015-12-09 13:26:42
freebsd
freebsd
chromium -- multiple vulnerabilities
2016-03-02 00:00:00
libpng buffer overflow in png_set_PLTE
2015-11-15 00:00:00
kaspersky
kaspersky
KLA10764 Multiple vulnerabilities in Google Chrome
2016-03-02 00:00:00
ubuntu
ubuntu
Oxide vulnerabilities
2016-03-10 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2016-03-31 23:22:34
Updated libpng/libpng12 packages fix security vulnerability
2015-11-20 01:08:19
cve
cve
CVE-2016-1631
2016-03-06 02:59:00
CVE-2016-1638
2016-03-06 02:59:00
CVE-2016-1639
2016-03-06 02:59:00
prion
prion
Design/Logic Flaw
2016-03-06 02:59:00
Design/Logic Flaw
2016-03-06 02:59:00
Design/Logic Flaw
2016-03-06 02:59:00
ubuntucve
ubuntucve
CVE-2016-1638
2016-03-06 00:00:00
CVE-2016-1630
2016-03-05 00:00:00
CVE-2016-1632
2016-03-06 00:00:00
debiancve
debiancve
CVE-2016-2844
2016-03-06 02:59:00
CVE-2016-1639
2016-03-06 02:59:00
CVE-2016-1640
2016-03-06 02:59:00
seebug
seebug
Chrome Universal XSS using Flash message loop (CVE-2016-1631)
2017-04-24 00:00:00
Chrome the improper use of Flash message loop leads to the UXSS Vulnerability, CVE-2016-1631)
2016-11-21 00:00:00
Chrome Universal XSS using widget updates in ContainerNode::parserRemoveChild (CVE-2016-1630)
2017-04-24 00:00:00
veracode
veracode
Buffer Overflow
2017-02-08 02:19:46
Denial-of-Service (DoS) Via Embedded Dependency
2017-02-27 07:42:41
fedora
fedora
[SECURITY] Fedora 23 Update: mingw-libpng-1.6.19-1.fc23
2015-11-27 18:24:08
[SECURITY] Fedora 21 Update: mingw-libpng-1.6.19-1.fc21
2015-11-28 23:18:28
[SECURITY] Fedora 22 Update: mingw-libpng-1.6.19-1.fc22
2015-11-27 20:53:25
f5
f5
K76930736 : Libpng vulnerability CVE-2015-8126
2015-12-19 00:00:00
SOL76930736 - Libpng vulnerability CVE-2015-8126
2015-12-18 00:00:00
SOL81903701 - Libpng vulnerability CVE-2015-8472
2016-03-07 00:00:00
amazon
amazon
Medium: libpng
2015-11-23 13:43:00
ibm
ibm
Security Bulletin: Vulnerabilities in libpng affect Rational DOORS (CVE-2015-8126, CVE-2015-8472)
2020-05-01 08:19:24
Security Bulletin: Vulnerabilities in libpng affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems (CVE-2015-8126 CVE-2015-7981)
2023-04-14 14:32:25
Security Bulletin: Vulnerabilities in libpng affect IBM Integrated Management Module (IMM) (CVE-2015-7981, CVE-2015-8126)
2023-04-14 14:32:25
slackware
slackware
[slackware-security] libpng
2015-12-03 08:20:21
[slackware-security] libpng
2015-12-16 06:25:09
oraclelinux
oraclelinux
libpng security update
2015-12-09 00:00:00
centos
centos
libpng security update
2015-12-09 19:21:36
JSON
Related for 9202.PASL
nessus49openvas25suse6debian3archlinux4osv2chrome1redhat2freebsd2kaspersky1ubuntu1mageia2cve17prion17ubuntucve18debiancve18seebug3veracode2fedora13f54amazon1ibm4slackware2oraclelinux1centos1