logo
DATABASE RESOURCES PRICING ABOUT US

Google Patches 43 Bugs in Chrome

Description

A new version of Google Chrome is available, and it contains patches for 43 security vulnerabilities, many of them in the high-risk category. Two of the more serious vulnerabilities fixed in [Chrome 44](<http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html>) are a pair of universal cross-site scripting bugs. One of the flaws is in blink, the Web layout engine in Chrome. The other one is in Chrome for Android. Universal XSS vulnerabilities allow attackers to exploit XSS bugs in browsers rather than on sites. Each of those vulnerabilities earned the researchers who reported them a $7,500 bug bounty from Google. As part of that bounty program, Google paid out roughly $40,000 to external researchers who reported vulnerabilities to the company. Among the other vulnerabilities patched in this release are three heap buffer overflows in pdfium, the PDF rendering engine in Chrome. There also are a number of use-after-free bugs in various components patched in Chrome 44. Here’s the list of vulnerabilities reported by external researchers: [$3000][[**446032**](<https://code.google.com/p/chromium/issues/detail?id=446032>)] **High** CVE-2015-1271: Heap-buffer-overflow in pdfium. _Credit to cloudfuzzer._ [$3000][[**459215**](<https://code.google.com/p/chromium/issues/detail?id=459215>)] **High** CVE-2015-1273: Heap-buffer-overflow in pdfium. _Credit to makosoft_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$TBD][[**461858**](<https://code.google.com/p/chromium/issues/detail?id=461858>)] **High** CVE-2015-1274: Settings allowed executable files to run immediately after download. _Credit to andrewm.bpi_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$7500][[**462843**](<https://code.google.com/p/chromium/issues/detail?id=462843>)] **High** CVE-2015-1275: UXSS in Chrome for Android. _Credit to WangTao(neobyte) of Baidu X-Team_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$TBD][[**472614**](<https://code.google.com/p/chromium/issues/detail?id=472614>)] **High** CVE-2015-1276: Use-after-free in IndexedDB. _Credit to Collin Payne_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$5500][[**483981**](<https://code.google.com/p/chromium/issues/detail?id=483981>)] **High** CVE-2015-1279: Heap-buffer-overflow in pdfium. _Credit to mlafon_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$5000][[**486947**](<https://code.google.com/p/chromium/issues/detail?id=486947>)] **High** CVE-2015-1280: Memory corruption in skia. _Credit to cloudfuzzer_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$1000][[**487155**](<https://code.google.com/p/chromium/issues/detail?id=487155>)] **High **CVE-2015-1281: CSP bypass. _Credit to Masato Kinugawa_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$TBD][[**487928**](<https://code.google.com/p/chromium/issues/detail?id=487928>)] **High** CVE-2015-1282: Use-after-free in pdfium. _Credit to Chamal de Silva_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$TBD][[**492052**](<https://code.google.com/p/chromium/issues/detail?id=492052>)] **High** CVE-2015-1283: Heap-buffer-overflow in expat. _Credit to sidhpurwala.huzaifa_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$2000][[**493243**](<https://code.google.com/p/chromium/issues/detail?id=493243>)] **High** CVE-2015-1284: Use-after-free in blink. _Credit to Atte Kettunen of OUSPG._ [$7500][[**504011**](<https://code.google.com/p/chromium/issues/detail?id=504011>)] **High** CVE-2015-1286: UXSS in blink. _Credit to anonymous_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$1337][[**419383**](<https://code.google.com/p/chromium/issues/detail?id=419383>)] **Medium** CVE-2015-1287: SOP bypass with CSS. _Credit to filedescriptor._ [$1000][[**444573**](<https://code.google.com/p/chromium/issues/detail?id=444573>)] **Medium** CVE-2015-1270: Uninitialized memory read in ICU. _Credit to Atte Kettunen of OUSPG._ [$500][[**451456**](<https://code.google.com/p/chromium/issues/detail?id=451456>)] **Medium** CVE-2015-1272: Use-after-free related to unexpected GPU process termination. _Credit to Chamal de Silva_[**_._**](<https://code.google.com/u/117154691211413633534/>) [[**479743**](<https://code.google.com/p/chromium/issues/detail?id=479743>)] **Medium** CVE-2015-1277: Use-after-free in accessibility. _Credit to SkyLined_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$500][[**482380**](<https://code.google.com/p/chromium/issues/detail?id=482380>)] **Medium** CVE-2015-1278: URL spoofing using pdf files. _Credit to Chamal de Silva_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$1337][[**498982**](<https://code.google.com/p/chromium/issues/detail?id=498982>)] **Medium **CVE-2015-1285: Information leak in XSS auditor. _Credit to gazheyes_[**_._**](<https://code.google.com/u/117154691211413633534/>) [$500][[**479162**](<https://code.google.com/p/chromium/issues/detail?id=479162>)] **Low** CVE-2015-1288: Spell checking dictionaries fetched over HTTP. _Credit to mike@michaelruddy.com._


Related