Google Chrome < 60.0.3112.78 Multiple Vulnerabilities

Binary data 700171.pasl...

chromium-browser: use after free in ppapi

Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

Security update for chromium (important)

This update Chromium to version 60.0.3112.78 fixes security issue and bugs. The following security issues were fixed: CVE-2017-5091: Use after free in IndexedDB CVE-2017-5092: Use after free in PPAPI CVE-2017-5093: UI spoofing in Blink CVE-2017-5094: Type confusion in extensions CVE-2017-5095:...

Security update for chromium (important)

This update Chromium to version 60.0.3112.78 fixes security issue and bugs. The following security issues were fixed: CVE-2017-5091: Use after free in IndexedDB CVE-2017-5092: Use after free in PPAPI CVE-2017-5093: UI spoofing in Blink CVE-2017-5094: Type confusion in extensions CVE-2017-5095:...

CVE-2017-5099

Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to potentially gain privilege elevation via a crafted HTML page...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 60 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 60.0.3112.78 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...

Ubuntu 14.04 LTS / 16.04 LTS : Oxide vulnerabilities (USN-3041-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3041-1 advisory. Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could...

Ubuntu: Security Advisory (USN-3041-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-1706

The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows remote attackers to bypass a sandbox protection mechanism via an unexpected message type, related to...

Design/Logic Flaw

The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows remote attackers to bypass a sandbox protection mechanism via an unexpected message type, related to...

CVE-2016-1706

The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows remote attackers to bypass a sandbox protection mechanism via an unexpected message type, related to...

CVE-2016-1706

CVE-2016-1706 concerns the Chrome/Chromium PPAPI sandbox escape: the PPAPI implementation did not validate the origin of IPC messages to the plugin broker that should have originated from the browser process, enabling a sandbox bypass via an unexpected message type. Affected product family: Googl...

CVE-2016-1706

Removed by vendor...

CVE-2016-1706

The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows remote attackers to bypass a sandbox protection mechanism via an unexpected message type, related to...

Google Chrome Security Updates (stable-channel-update-2016-07) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Google Fixes 48 Bugs, Sandbox Escape, in Chrome

Google has patched a high-risk vulnerability in its Chrome browser that allows an attacker to escape the Chrome sandbox. That vulnerability is one of 48 bugs fixed in version 52 of Chrome released Wednesday. Four dozen of those flaws are rated as high risks and Google paid out more than $22,000 i...

CVE-2016-1706

The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows remote attackers to bypass a sandbox protection mechanism via an unexpected message type, related to...

KLA10711 Multiple vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited remote...

KLA10680 Code execution vulnerability in Adobe Flash Player

Multiple type confusion vulnerabilities were found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed SWF file or other unknown vectors. Technical details This vulnerability...

Stable Channel Update for Chrome OS

The Stable channel has been updated to 40.0.2214.114 Platform version: 6457.94.0. Systems will be automatically updated over the next few days. This build contains a number of security updates and stability fixes. Some highlights of these changes are: PPAPI Flash updated to 16.0.0.305-r1 Security...