The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Google Chrome

computer vulnerability note CVE-2016-1801 CVE-2016-5134

Proxy Auto-Config: obtaining visited HTTPS URLs

Synthesis of the vulnerability

An attacker can host a PAC file conceived to retrieve information sent to FindProxyForURL(), and use a Man-in-the-Middle to force the victim to use it, in order to obtain information on visited URLs.
Impacted products: iOS by Apple, iPhone, Mac OS X, Debian, Chrome, Firefox, SeaMonkey, openSUSE, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet server.
Number of vulnerabilities in this bulletin: 2.
Creation date: 05/08/2016.
Identifiers: CVE-2016-1801, CVE-2016-5134, DSA-3637-1, HT206567, HT206568, openSUSE-SU-2016:1865-1, openSUSE-SU-2016:1868-1, openSUSE-SU-2016:1869-1, openSUSE-SU-2016:1918-1, RHSA-2016:1485-01, VIGILANCE-VUL-20329, VU#877625.

Description of the vulnerability

The Proxy Auto-Config (PAC, usually transmitted via WPAD) feature is used by web browsers to automatically detect the proxy to use to reach a remote web site.

The proxy.pac file (usually hosted on an intranet site such as http://intranet/proxy.pac) contains a FindProxyForURL() function, which indicates the proxy to use for a given URL. However, sensitive HTTPS urls also use FindProxyForURL().

An attacker can therefore host a PAC file conceived to retrieve information sent to FindProxyForURL(), and use a Man-in-the-Middle to force the victim to use it, in order to obtain information on visited URLs.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-5139 CVE-2016-5140 CVE-2016-5141

Google Chrome: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Impacted products: Debian, Fedora, Chrome, openSUSE Leap, Opera, RHEL, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 8.
Creation date: 04/08/2016.
Identifiers: CERTFR-2016-AVI-261, CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5143, CVE-2016-5144, CVE-2016-5145, CVE-2016-5146, DSA-3645-1, FEDORA-2016-e9798eaaa3, openSUSE-SU-2016:2320-1, RHSA-2016:1580-01, USN-3058-1, VIGILANCE-VUL-20318.

Description of the vulnerability

Several vulnerabilities were announced in Google Chrome.

An attacker can alter displayed information via Address Bar, in order to deceive the victim. [severity:2/4; CVE-2016-5141]

An attacker can force the usage of a freed memory area via Blink, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5142]

An attacker can generate a buffer overflow via pdfium, in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-22174). [severity:4/4; CVE-2016-5139]

An attacker can generate a buffer overflow via pdfium, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5140]

An attacker can bypass the origin check via Blink, in order to access to victim's data. [severity:2/4; CVE-2016-5145]

An attacker can bypass security features via DevTools Parameters, in order to escalate his privileges. [severity:2/4; CVE-2016-5143]

An attacker can bypass security features via DevTools Parameters, in order to escalate his privileges. [severity:2/4; CVE-2016-5144]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-5146]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-5138

Google Chrome: integer overflow via kbasep_vinstr_attach_client

Synthesis of the vulnerability

An attacker can generate an integer overflow via kbasep_vinstr_attach_client() of Google Chrome, in order to trigger a denial of service, and possibly to run code.
Impacted products: Chrome, openSUSE Leap, Opera.
Severity: 3/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Creation date: 28/07/2016.
Identifiers: CERTFR-2016-AVI-253, CERTFR-2016-AVI-261, CVE-2016-5138, openSUSE-SU-2016:2320-1, VIGILANCE-VUL-20245.

Description of the vulnerability

The Google Chrome product uses a Mali Midgard driver.

However, if an integer is too large, a multiplication overflows in kbasep_vinstr_attach_client(), and an allocated memory area is too short.

An attacker can therefore generate an integer overflow via kbasep_vinstr_attach_client() of Google Chrome, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-1705 CVE-2016-1706 CVE-2016-1707

Google Chrome: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Impacted products: Debian, Chrome, openSUSE, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 18.
Creation date: 21/07/2016.
Identifiers: CERTFR-2016-AVI-247, CVE-2016-1705, CVE-2016-1706, CVE-2016-1707, CVE-2016-1708, CVE-2016-1709, CVE-2016-1710, CVE-2016-1711, CVE-2016-5127, CVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131, CVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135, CVE-2016-5136, CVE-2016-5137, DSA-3637-1, openSUSE-SU-2016:1865-1, openSUSE-SU-2016:1868-1, openSUSE-SU-2016:1869-1, openSUSE-SU-2016:1918-1, openSUSE-SU-2016:2320-1, RHSA-2016:1485-01, USN-3041-1, VIGILANCE-VUL-20188.

Description of the vulnerability

Several vulnerabilities were announced in Google Chrome.

An attacker can bypass security features via PPAPI, in order to escalate his privileges. [severity:3/4; CVE-2016-1706]

An attacker can alter displayed information via iOS, in order to deceive the victim. [severity:3/4; CVE-2016-1707]

An attacker can force the usage of a freed memory area via Extensions, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1708]

An attacker can generate a buffer overflow via sfntly, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1709]

An attacker can bypass the origin check via Blink, in order to access to victim's data. [severity:2/4; CVE-2016-1710]

An attacker can bypass the origin check via Blink, in order to access to victim's data. [severity:2/4; CVE-2016-1711]

An attacker can force the usage of a freed memory area via Blink, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-5127]

An attacker can bypass the origin check via V8, in order to access to victim's data. [severity:2/4; CVE-2016-5128]

An attacker can generate a memory corruption via V8, in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-22316). [severity:4/4; CVE-2016-5129]

An attacker can alter displayed information via URL, in order to deceive the victim. [severity:2/4; CVE-2016-5130]

An attacker can force the usage of a freed memory area via libxml, in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-20993). [severity:3/4; CVE-2016-5131]

An attacker can bypass the origin check via Service Workers, in order to access to victim's data. [severity:2/4; CVE-2016-5132]

An attacker can bypass the origin check via Proxy Authentication, in order to access to victim's data. [severity:2/4; CVE-2016-5133]

An attacker can bypass security features via PAC Script, in order to obtain sensitive information (VIGILANCE-VUL-20329). [severity:2/4; CVE-2016-5134]

An attacker can bypass the origin check via Content-Security-Policy, in order to access to victim's data. [severity:2/4; CVE-2016-5135]

An attacker can force the usage of a freed memory area via Extensions, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-5136]

An attacker can bypass security features via HSTS/CSP History, in order to obtain sensitive information. [severity:2/4; CVE-2016-5137]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1705]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-1672 CVE-2016-1673 CVE-2016-1674

Google Chrome: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Impacted products: Debian, Chrome, openSUSE, openSUSE Leap, Opera, Solaris, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 24.
Creation date: 26/05/2016.
Revision date: 16/06/2016.
Identifiers: 780, 787, bulletinapr2019, CERTFR-2016-AVI-180, CVE-2016-1672, CVE-2016-1673, CVE-2016-1674, CVE-2016-1675, CVE-2016-1676, CVE-2016-1677, CVE-2016-1678, CVE-2016-1679, CVE-2016-1680, CVE-2016-1681, CVE-2016-1682, CVE-2016-1683, CVE-2016-1684, CVE-2016-1685, CVE-2016-1686, CVE-2016-1687, CVE-2016-1688, CVE-2016-1689, CVE-2016-1690, CVE-2016-1691, CVE-2016-1692, CVE-2016-1693, CVE-2016-1694, CVE-2016-1695, DLA-514-1, DSA-3590-1, DSA-3605-1, openSUSE-SU-2016:1430-1, openSUSE-SU-2016:1433-1, openSUSE-SU-2016:1496-1, RHSA-2016:1190-01, TALOS-2016-0174, USN-2992-1, VIGILANCE-VUL-19705.

Description of the vulnerability

Several vulnerabilities were announced in Google Chrome.

An attacker can bypass security features via Extension Bindings, in order to escalate his privileges. [severity:4/4; CVE-2016-1672]

An attacker can bypass security features via Blink, in order to escalate his privileges. [severity:4/4; CVE-2016-1673]

An attacker can bypass security features via Extensions, in order to escalate his privileges. [severity:4/4; CVE-2016-1674]

An attacker can bypass security features via Blink, in order to escalate his privileges. [severity:4/4; CVE-2016-1675]

An attacker can bypass security features via Extension Bindings, in order to escalate his privileges. [severity:4/4; CVE-2016-1676]

An attacker can generate a memory corruption via V8, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-1677]

An attacker can generate a memory corruption via V8, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1678]

An attacker can force the usage of a freed memory area via V8, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1679]

An attacker can force the usage of a freed memory area via Skia, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1680]

An attacker can generate a buffer overflow via PDFium, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1681, TALOS-2016-0174]

An attacker can bypass security features via ServiceWorker, in order to escalate his privileges. [severity:3/4; CVE-2016-1682]

An attacker can force a read at an invalid address via libxslt, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-1683]

An attacker can generate an integer overflow via libxslt, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-1684]

An attacker can force a read at an invalid address via PDFium, in order to trigger a denial of service, or to obtain sensitive information. [severity:3/4; CVE-2016-1685]

An attacker can force a read at an invalid address via PDFium, in order to trigger a denial of service, or to obtain sensitive information. [severity:3/4; CVE-2016-1686]

An attacker can bypass security features via Extensions, in order to obtain sensitive information. [severity:3/4; CVE-2016-1687]

An attacker can force a read at an invalid address via V8, in order to trigger a denial of service, or to obtain sensitive information. [severity:3/4; CVE-2016-1688]

An attacker can generate a buffer overflow via media, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-1689]

An attacker can force the usage of a freed memory area via Autofill, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-1690]

An attacker can generate a buffer overflow via Skia, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-1691]

An attacker can bypass security features via ServiceWorker, in order to escalate his privileges. [severity:2/4; CVE-2016-1692]

An attacker can bypass file access restrictions via Software Removal Tool, in order to obtain sensitive information. [severity:2/4; CVE-2016-1693]

An attacker can bypass security features via HPKP, in order to obtain sensitive information. [severity:2/4; CVE-2016-1694]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1695]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-1696 CVE-2016-1697 CVE-2016-1698

Google Chrome: eight vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Impacted products: Debian, Chrome, openSUSE, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: user access/rights, client access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 8.
Creation date: 02/06/2016.
Identifiers: CERTFR-2016-AVI-188, CVE-2016-1696, CVE-2016-1697, CVE-2016-1698, CVE-2016-1699, CVE-2016-1700, CVE-2016-1701, CVE-2016-1702, CVE-2016-1703, DSA-3594-1, openSUSE-SU-2016:1489-1, openSUSE-SU-2016:1496-1, RHSA-2016:1201-01, SUSE-SU-2016:1490-1, USN-2992-1, VIGILANCE-VUL-19765.

Description of the vulnerability

Several vulnerabilities were announced in Google Chrome.

An attacker can bypass the same origin policy of scripts in the interface to extensions. [severity:3/4; CVE-2016-1696]

An attacker can bypass the same origin policy of scripts in the module "Blink". [severity:3/4; CVE-2016-1697]

An attacker can bypass security features via the interface to extensions, in order to obtain sensitive information. [severity:2/4; CVE-2016-1698]

An attacker can bypass the parameters cleaning in the module "DevTools". [severity:2/4; CVE-2016-1699]

An attacker can force the usage of a freed memory area in the extension manager, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-1700]

An attacker can force the usage of a freed memory area in the "Autofill" module, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-1701]

An attacker can force a read memory access at an invalid address in the module "Skia", in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-1702]

An attacker can generate memory corruptions, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-1703]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2016-1667 CVE-2016-1668 CVE-2016-1669

Google Chrome: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Impacted products: Debian, Chrome, openSUSE, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 12/05/2016.
Identifiers: CERTFR-2016-AVI-166, CVE-2016-1667, CVE-2016-1668, CVE-2016-1669, CVE-2016-1670, CVE-2016-1671, DSA-3590-1, openSUSE-SU-2016:1304-1, openSUSE-SU-2016:1319-1, openSUSE-SU-2016:1655-1, RHSA-2016:1080-01, USN-2960-1, VIGILANCE-VUL-19611.

Description of the vulnerability

Several vulnerabilities were announced in Google Chrome.

An attacker can bypass security features in DOM, in order to escalate his privileges. [severity:3/4; CVE-2016-1667]

An attacker can bypass security features in Blink V8, in order to escalate his privileges. [severity:3/4; CVE-2016-1668]

An attacker can generate a buffer overflow in V8, in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-20142). [severity:3/4; CVE-2016-1669]

An attacker can use a vulnerability in Loader, in order to run code. [severity:2/4; CVE-2016-1670]

An attacker can traverse directories in File Scheme, in order to read a file outside the root path. [severity:2/4; CVE-2016-1671]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-1660 CVE-2016-1661 CVE-2016-1662

Google Chrome: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Impacted products: Debian, Chrome, openSUSE, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 8.
Creation date: 29/04/2016.
Identifiers: CERTFR-2016-AVI-147, CVE-2016-1660, CVE-2016-1661, CVE-2016-1662, CVE-2016-1663, CVE-2016-1664, CVE-2016-1665, CVE-2016-1666, CVE-2016-5168, DSA-3564-1, openSUSE-SU-2016:1207-1, openSUSE-SU-2016:1208-1, openSUSE-SU-2016:1209-1, openSUSE-SU-2016:1546-1, openSUSE-SU-2016:1655-1, RHSA-2016:0707-01, USN-2960-1, VIGILANCE-VUL-19485.

Description of the vulnerability

Several vulnerabilities were announced in Google Chrome.

An attacker can generate a buffer overflow in Blink, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1660]

An attacker can generate a memory corruption in Cross-process Frames, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1661]

An attacker can force the usage of a freed memory area in Extensions, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1662]

An attacker can force the usage of a freed memory area in Blink V8 Bindings, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1663]

An attacker can spoof the address bar. [severity:2/4; CVE-2016-1664]

An attacker can bypass security features in V8, in order to obtain sensitive information. [severity:2/4; CVE-2016-1665]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1666]

An attacker can bypass security features via Skia, in order to obtain sensitive information. [severity:2/4; CVE-2016-5168]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2016-1651 CVE-2016-1652 CVE-2016-1653

Google Chrome: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Impacted products: Debian, Chrome, openSUSE, openSUSE Leap, Opera, RHEL, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 9.
Creation date: 14/04/2016.
Identifiers: CERTFR-2016-AVI-127, CVE-2016-1651, CVE-2016-1652, CVE-2016-1653, CVE-2016-1654, CVE-2016-1655, CVE-2016-1656, CVE-2016-1657, CVE-2016-1658, CVE-2016-1659, DSA-3549-1, openSUSE-SU-2016:1061-1, openSUSE-SU-2016:1135-1, openSUSE-SU-2016:1136-1, RHSA-2016:0638-01, USN-2955-1, VIGILANCE-VUL-19381, ZDI-16-243.

Description of the vulnerability

Several vulnerabilities were announced in Google Chrome.

An attacker can trigger a Cross Site Scripting in Extension Bindings, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2016-1652]

An attacker can generate a buffer overflow in V8, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1653]

An attacker can force a read at an invalid address in Pdfium JPEG2000, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-1651, ZDI-16-243]

An attacker can read a memory fragment of Media, in order to obtain sensitive information. [severity:2/4; CVE-2016-1654]

An attacker can force the usage of a freed memory area in Extensions, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-1655]

An unknown vulnerability was announced in File Path Restriction. [severity:2/4; CVE-2016-1656]

An attacker can spoof the address bar. [severity:2/4; CVE-2016-1657]

An attacker can bypass security features in Extensions, in order to obtain sensitive information. [severity:2/4; CVE-2016-1658]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-1659]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2016-3679

V8: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of V8.
Impacted products: Chrome, openSUSE, openSUSE Leap, Opera, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: unknown consequence, administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, data flow, denial of service on server, denial of service on service, denial of service on client, disguisement.
Provenance: document.
Creation date: 30/03/2016.
Identifiers: CVE-2016-3679, openSUSE-SU-2016:0929-1, openSUSE-SU-2016:0930-1, openSUSE-SU-2016:1059-1, USN-2955-1, VIGILANCE-VUL-19266.

Description of the vulnerability

Several vulnerabilities were announced in V8.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Google Chrome: