The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Google Chrome

computer vulnerability alert CVE-2016-5181 CVE-2016-5182 CVE-2016-5183

Chrome: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Chrome.
Impacted products: Debian, Fedora, Chrome, openSUSE, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, client access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 14.
Creation date: 13/10/2016.
Identifiers: CERTFR-2016-AVI-345, CVE-2016-5181, CVE-2016-5182, CVE-2016-5183, CVE-2016-5184, CVE-2016-5185, CVE-2016-5186, CVE-2016-5187, CVE-2016-5188, CVE-2016-5189, CVE-2016-5190, CVE-2016-5191, CVE-2016-5192, CVE-2016-5193, CVE-2016-5194, DSA-3731-1, FEDORA-2016-012de4c97e, FEDORA-2016-c671aae490, FEDORA-2017-98bed96d12, FEDORA-2017-ae1fde5fb8, openSUSE-SU-2016:2597-1, openSUSE-SU-2016:2783-1, openSUSE-SU-2016:2783-2, RHSA-2016:2067-01, SUSE-SU-2016:2598-1, USN-3113-1, VIGILANCE-VUL-20866.

Description of the vulnerability

Several vulnerabilities were announced in Chrome.

An attacker can trigger a Cross Site Scripting via Blink, in order to run JavaScript code in the context of the web site. [severity:3/4; CVE-2016-5181]

An attacker can generate a buffer overflow via Blink, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5182]

An attacker can force the usage of a freed memory area via PDFium, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5183]

An attacker can force the usage of a freed memory area via PDFium, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5184]

An attacker can force the usage of a freed memory area via Blink, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5185]

An attacker can alter displayed information via URL, in order to deceive the victim. [severity:2/4; CVE-2016-5187]

An attacker can alter displayed information via UI, in order to deceive the victim. [severity:2/4; CVE-2016-5188]

An attacker can bypass security features via Blink, in order to escalate his privileges. [severity:2/4; CVE-2016-5192]

An attacker can alter displayed information via URL, in order to deceive the victim. [severity:2/4; CVE-2016-5189]

An attacker can force a read at an invalid address via DevTools, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-5186]

An attacker can trigger a Cross Site Scripting via Bookmarks, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2016-5191]

An attacker can force the usage of a freed memory area via Internals, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-5190]

An attacker can bypass security features via Scheme Bypass, in order to escalate his privileges. [severity:2/4; CVE-2016-5193]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5194]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2016-5177 CVE-2016-5178

Google Chrome: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Impacted products: Debian, Fedora, Chrome, openSUSE, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: client access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 30/09/2016.
Identifiers: CERTFR-2016-AVI-324, CVE-2016-5177, CVE-2016-5178, DSA-3683-1, FEDORA-2016-2e50862950, FEDORA-2016-d61c4f72da, openSUSE-SU-2016:2429-1, openSUSE-SU-2016:2432-1, RHSA-2016:2007-01, USN-3091-1, VIGILANCE-VUL-20741.

Description of the vulnerability

Several vulnerabilities were announced in Google Chrome.

An attacker can force the usage of a freed memory area via the JavaScript interpreter V8, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-5177]

An attacker can generate several memory corruptions, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-5178]

An unknown vulnerability was announced. [severity:3/4]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-7549

Google Chrome: out-of-bounds memory reading via RenderFrame

Synthesis of the vulnerability

An attacker can force a read at an invalid address via RenderFrame of Google Chrome, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Chrome, Opera, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on client.
Provenance: document.
Creation date: 26/09/2016.
Identifiers: 646394, CVE-2016-7549, USN-3091-1, VIGILANCE-VUL-20699.

Description of the vulnerability

An attacker can force a read at an invalid address via RenderFrame of Google Chrome, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2016-5170 CVE-2016-5171 CVE-2016-5172

Google Chrome: seven vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Impacted products: Debian, Fedora, Chrome, openSUSE, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 7.
Creation date: 14/09/2016.
Identifiers: CERTFR-2016-AVI-305, CVE-2016-5170, CVE-2016-5171, CVE-2016-5172, CVE-2016-5173, CVE-2016-5174, CVE-2016-5175, CVE-2016-5176, DSA-3667-1, FEDORA-2016-03b199bec6, FEDORA-2016-2e50862950, FEDORA-2016-b15185b72a, openSUSE-SU-2016:2309-1, openSUSE-SU-2016:2310-1, openSUSE-SU-2016:2311-1, RHSA-2016:1905-01, USN-3091-1, VIGILANCE-VUL-20611, ZDI-16-524.

Description of the vulnerability

Several vulnerabilities were announced in Google Chrome.

An attacker can force the usage of a freed memory area via Blink, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5170]

An attacker can force the usage of a freed memory area via Blink, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5171]

An attacker can force a read at an invalid address via v8, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-5172]

An attacker can bypass security features via Extension, in order to escalate his privileges. [severity:2/4; CVE-2016-5173]

An attacker can alter displayed information via Popup, in order to deceive the victim. [severity:2/4; CVE-2016-5174]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5175]

An attacker can bypass security features of the SafeBrowsing, in order to escalate his privileges. [severity:3/4; CVE-2016-5176, ZDI-16-524]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2016-7395

Google Chrome: out-of-bounds memory reading via ChopMonoAtY

Synthesis of the vulnerability

An attacker can force a read at an invalid address via ChopMonoAtY of Google Chrome, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Debian, Fedora, Chrome, openSUSE, openSUSE Leap, Opera, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 12/09/2016.
Identifiers: 613918, CVE-2016-7395, DSA-3667-1, FEDORA-2016-bf8c64a060, openSUSE-SU-2016:2250-1, openSUSE-SU-2016:2296-1, openSUSE-SU-2016:2349-1, SUSE-SU-2016:2251-1, VIGILANCE-VUL-20576.

Description of the vulnerability

An attacker can force a read at an invalid address via ChopMonoAtY of Google Chrome, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-5147 CVE-2016-5148 CVE-2016-5149

Google Chrome: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Impacted products: Debian, Fedora, Chrome, openSUSE, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 21.
Creation date: 01/09/2016.
Identifiers: CERTFR-2016-AVI-293, CVE-2016-5147, CVE-2016-5148, CVE-2016-5149, CVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153, CVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157, CVE-2016-5158, CVE-2016-5159, CVE-2016-5160, CVE-2016-5161, CVE-2016-5162, CVE-2016-5163, CVE-2016-5164, CVE-2016-5165, CVE-2016-5166, CVE-2016-5167, DSA-3660-1, FEDORA-2016-2e50862950, FEDORA-2016-bf8c64a060, openSUSE-SU-2016:2250-1, openSUSE-SU-2016:2296-1, openSUSE-SU-2016:2349-1, RHSA-2016:1854-01, SUSE-SU-2016:2251-1, USN-3058-1, VIGILANCE-VUL-20505, ZDI-16-501.

Description of the vulnerability

Several vulnerabilities were announced in Google Chrome.

An attacker can trigger a Cross Site Scripting via Blink, in order to run JavaScript code in the context of the web site. [severity:4/4; CVE-2016-5147]

An attacker can trigger a Cross Site Scripting via Blink, in order to run JavaScript code in the context of the web site. [severity:4/4; CVE-2016-5148]

An attacker can use a vulnerability via Script Injection, in order to run code. [severity:4/4; CVE-2016-5149]

An attacker can force the usage of a freed memory area via Blink, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5150]

An attacker can force the usage of a freed memory area via PDFium, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5151]

An attacker can generate a buffer overflow via PDFium, in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-24293). [severity:4/4; CVE-2016-5152]

An attacker can force the usage of a freed memory area via Blink, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5153]

An attacker can generate a buffer overflow via PDFium, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5154]

An attacker can alter displayed information via Address Bar, in order to deceive the victim. [severity:4/4; CVE-2016-5155]

An attacker can force the usage of a freed memory area via Event Bindings, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5156]

An attacker can generate a buffer overflow via PDFium, in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-24294). [severity:4/4; CVE-2016-5157]

An attacker can generate a buffer overflow via PDFium, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5158]

An attacker can generate a buffer overflow via PDFium, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5159]

An attacker can generate a memory corruption via Blink, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-5161, ZDI-16-501]

An attacker can bypass security features via Extensions, in order to escalate his privileges. [severity:3/4; CVE-2016-5162]

An attacker can alter displayed information via Address Bar, in order to deceive the victim. [severity:3/4; CVE-2016-5163]

An attacker can trigger a Cross Site Scripting via DevTools, in order to run JavaScript code in the context of the web site. [severity:3/4; CVE-2016-5164]

An attacker can use a vulnerability via DevTools, in order to run code. [severity:3/4; CVE-2016-5165]

An attacker can bypass access restrictions via SMB Relay Attack, in order to read or alter data. [severity:3/4; CVE-2016-5166]

An attacker can bypass security features via Extensions, in order to escalate his privileges. [severity:2/4; CVE-2016-5160]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5167]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-1801 CVE-2016-5134

Proxy Auto-Config: obtaining visited HTTPS URLs

Synthesis of the vulnerability

An attacker can host a PAC file conceived to retrieve information sent to FindProxyForURL(), and use a Man-in-the-Middle to force the victim to use it, in order to obtain information on visited URLs.
Impacted products: iOS by Apple, iPhone, Mac OS X, Debian, Chrome, Firefox, SeaMonkey, openSUSE, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet server.
Number of vulnerabilities in this bulletin: 2.
Creation date: 05/08/2016.
Identifiers: CVE-2016-1801, CVE-2016-5134, DSA-3637-1, HT206567, HT206568, openSUSE-SU-2016:1865-1, openSUSE-SU-2016:1868-1, openSUSE-SU-2016:1869-1, openSUSE-SU-2016:1918-1, RHSA-2016:1485-01, VIGILANCE-VUL-20329, VU#877625.

Description of the vulnerability

The Proxy Auto-Config (PAC, usually transmitted via WPAD) feature is used by web browsers to automatically detect the proxy to use to reach a remote web site.

The proxy.pac file (usually hosted on an intranet site such as http://intranet/proxy.pac) contains a FindProxyForURL() function, which indicates the proxy to use for a given URL. However, sensitive HTTPS urls also use FindProxyForURL().

An attacker can therefore host a PAC file conceived to retrieve information sent to FindProxyForURL(), and use a Man-in-the-Middle to force the victim to use it, in order to obtain information on visited URLs.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-5139 CVE-2016-5140 CVE-2016-5141

Google Chrome: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Impacted products: Debian, Fedora, Chrome, openSUSE Leap, Opera, RHEL, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 8.
Creation date: 04/08/2016.
Identifiers: CERTFR-2016-AVI-261, CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5143, CVE-2016-5144, CVE-2016-5145, CVE-2016-5146, DSA-3645-1, FEDORA-2016-e9798eaaa3, openSUSE-SU-2016:2320-1, RHSA-2016:1580-01, USN-3058-1, VIGILANCE-VUL-20318.

Description of the vulnerability

Several vulnerabilities were announced in Google Chrome.

An attacker can alter displayed information via Address Bar, in order to deceive the victim. [severity:2/4; CVE-2016-5141]

An attacker can force the usage of a freed memory area via Blink, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5142]

An attacker can generate a buffer overflow via pdfium, in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-22174). [severity:4/4; CVE-2016-5139]

An attacker can generate a buffer overflow via pdfium, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5140]

An attacker can bypass the origin check via Blink, in order to access to victim's data. [severity:2/4; CVE-2016-5145]

An attacker can bypass security features via DevTools Parameters, in order to escalate his privileges. [severity:2/4; CVE-2016-5143]

An attacker can bypass security features via DevTools Parameters, in order to escalate his privileges. [severity:2/4; CVE-2016-5144]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5146]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-5138

Google Chrome: integer overflow via kbasep_vinstr_attach_client

Synthesis of the vulnerability

An attacker can generate an integer overflow via kbasep_vinstr_attach_client() of Google Chrome, in order to trigger a denial of service, and possibly to run code.
Impacted products: Chrome, openSUSE Leap, Opera.
Severity: 3/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Creation date: 28/07/2016.
Identifiers: CERTFR-2016-AVI-253, CERTFR-2016-AVI-261, CVE-2016-5138, openSUSE-SU-2016:2320-1, VIGILANCE-VUL-20245.

Description of the vulnerability

The Google Chrome product uses a Mali Midgard driver.

However, if an integer is too large, a multiplication overflows in kbasep_vinstr_attach_client(), and an allocated memory area is too short.

An attacker can therefore generate an integer overflow via kbasep_vinstr_attach_client() of Google Chrome, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-1705 CVE-2016-1706 CVE-2016-1707

Google Chrome: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Impacted products: Debian, Chrome, openSUSE, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 18.
Creation date: 21/07/2016.
Identifiers: CERTFR-2016-AVI-247, CVE-2016-1705, CVE-2016-1706, CVE-2016-1707, CVE-2016-1708, CVE-2016-1709, CVE-2016-1710, CVE-2016-1711, CVE-2016-5127, CVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131, CVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135, CVE-2016-5136, CVE-2016-5137, DSA-3637-1, openSUSE-SU-2016:1865-1, openSUSE-SU-2016:1868-1, openSUSE-SU-2016:1869-1, openSUSE-SU-2016:1918-1, openSUSE-SU-2016:2320-1, RHSA-2016:1485-01, USN-3041-1, VIGILANCE-VUL-20188.

Description of the vulnerability

Several vulnerabilities were announced in Google Chrome.

An attacker can bypass security features via PPAPI, in order to escalate his privileges. [severity:3/4; CVE-2016-1706]

An attacker can alter displayed information via iOS, in order to deceive the victim. [severity:3/4; CVE-2016-1707]

An attacker can force the usage of a freed memory area via Extensions, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1708]

An attacker can generate a buffer overflow via sfntly, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1709]

An attacker can bypass the origin check via Blink, in order to access to victim's data. [severity:2/4; CVE-2016-1710]

An attacker can bypass the origin check via Blink, in order to access to victim's data. [severity:2/4; CVE-2016-1711]

An attacker can force the usage of a freed memory area via Blink, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-5127]

An attacker can bypass the origin check via V8, in order to access to victim's data. [severity:2/4; CVE-2016-5128]

An attacker can generate a memory corruption via V8, in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-22316). [severity:4/4; CVE-2016-5129]

An attacker can alter displayed information via URL, in order to deceive the victim. [severity:2/4; CVE-2016-5130]

An attacker can force the usage of a freed memory area via libxml, in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-20993). [severity:3/4; CVE-2016-5131]

An attacker can bypass the origin check via Service Workers, in order to access to victim's data. [severity:2/4; CVE-2016-5132]

An attacker can bypass the origin check via Proxy Authentication, in order to access to victim's data. [severity:2/4; CVE-2016-5133]

An attacker can bypass security features via PAC Script, in order to obtain sensitive information (VIGILANCE-VUL-20329). [severity:2/4; CVE-2016-5134]

An attacker can bypass the origin check via Content-Security-Policy, in order to access to victim's data. [severity:2/4; CVE-2016-5135]

An attacker can force the usage of a freed memory area via Extensions, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-5136]

An attacker can bypass security features via HSTS/CSP History, in order to obtain sensitive information. [severity:2/4; CVE-2016-5137]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1705]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Google Chrome: