Google Chrome < 4.9.385.26 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 4.9.385.26. It is, therefore, affected by multiple vulnerabilities as referenced in the 201603stable-channel-update advisory. - Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to...

EUVD-2016-2717

Malware in sbrugna...

EUVD-2016-2733

Malware in sbrugna...

EUVD-2016-2727

Malware in sbrugna...

EUVD-2016-2769

Malware in sbrugna...

SUSE CVE-2016-1708

The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified...

SUSE CVE-2016-5136

Use-after-free vulnerability in extensions/renderer/userscriptinjector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to script deletion...

CVE-2016-5136

Use-after-free vulnerability in extensions/renderer/userscriptinjector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to script deletion...

UBUNTU-CVE-2016-1708

The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified...

Design/Logic Flaw

The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified...

CVE-2016-1708

CVE-2016-1708 affects Google Chrome/Chromium’s Extensions subsystem, specifically the Chrome Web Store inline-installation path. The issue stems from not properly accounting for object lifetimes during progress observation, enabling a use-after-free scenario that can lead to a denial of service o...

CVE-2016-1708

The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified...

CVE-2016-5136

Removed by vendor...

CVE-2016-1708

The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified...

CVE-2016-5136

Use-after-free vulnerability in extensions/renderer/userscriptinjector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to script deletion...

CVE-2016-1696

The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors...

Design/Logic Flaw

The extensions subsystem in Google Chrome before 51.0.2704.63 allows remote attackers to bypass the Same Origin Policy via unspecified vectors...

CVE-2016-1696

The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors...

CVE-2016-1696

Removed by vendor...

CVE-2016-1696

The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors...