English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.811873
Category:General
Title:Google Chrome Security Updates (stable-channel-update-for-desktop-2017-10) - Linux
Summary:Google Chrome is prone to multiple vulnerabilities.
Description:Summary:
Google Chrome is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- An input validation error in MHTML.

- A memory corruption bug in WebAssembly.

- Multiple heap overflow errors in Skia, WebGL and libxml2.

- Multiple use after free errors in PDFium and WebAudio.

- An incorrect stack manipulation in WebAssembly.

- Multiple Out of bounds read and write errors in Skia.

- UI spoofing in Blink.

- Content security bypass.

- Multiple URL spoofing errors in OmniBox.

- An extension limitation bypass in Extensions.

- An incorrect registry key handling in PlatformIntegration.

- Referrer leak in Devtools.

- URL spoofing in extensions UI.

- Null pointer dereference error in ImageCapture.

- Various fixes from internal audits, fuzzing and other initiatives.

Vulnerability Impact:
Successful exploitation of these
vulnerabilities will allow remote attackers to execute arbitrary script,
conduct spoofing attack, corrupt memory, bypass security and cause
denial of service condition.

Affected Software/OS:
Google Chrome version prior to
62.0.3202.62 on Linux

Solution:
Upgrade to Google Chrome version
62.0.3202.62 or later.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-5124
BugTraq ID: 101482
http://www.securityfocus.com/bid/101482
Debian Security Information: DSA-4020 (Google Search)
https://www.debian.org/security/2017/dsa-4020
https://security.gentoo.org/glsa/201710-24
https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html
https://chromium.googlesource.com/chromium/src/+/4558c2885e618557a674660aff57404d25537070
https://crbug.com/762930
https://github.com/Bo0oM/CVE-2017-5124
https://www.reddit.com/r/netsec/comments/7cus2h/chrome_61_uxss_exploit_cve20175124/
RedHat Security Advisories: RHSA-2017:2997
https://access.redhat.com/errata/RHSA-2017:2997
Common Vulnerability Exposure (CVE) ID: CVE-2017-5125
https://crbug.com/749147
Common Vulnerability Exposure (CVE) ID: CVE-2017-5126
https://crbug.com/760455
Common Vulnerability Exposure (CVE) ID: CVE-2017-5127
https://crbug.com/765384
Common Vulnerability Exposure (CVE) ID: CVE-2017-5128
https://crbug.com/765469
Common Vulnerability Exposure (CVE) ID: CVE-2017-5129
https://crbug.com/765495
Common Vulnerability Exposure (CVE) ID: CVE-2017-5132
https://crbug.com/718858
Common Vulnerability Exposure (CVE) ID: CVE-2017-5130
http://bugzilla.gnome.org/show_bug.cgi?id=783026
https://crbug.com/722079
https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed
https://www.oracle.com/security-alerts/cpuapr2020.html
https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-5131
https://crbug.com/744109
Common Vulnerability Exposure (CVE) ID: CVE-2017-5133
https://crbug.com/762106
Common Vulnerability Exposure (CVE) ID: CVE-2017-15386
https://crbug.com/752003
Common Vulnerability Exposure (CVE) ID: CVE-2017-15387
https://crbug.com/756040
Common Vulnerability Exposure (CVE) ID: CVE-2017-15388
https://crbug.com/756563
Common Vulnerability Exposure (CVE) ID: CVE-2017-15389
https://crbug.com/739621
Common Vulnerability Exposure (CVE) ID: CVE-2017-15390
https://crbug.com/750239
Common Vulnerability Exposure (CVE) ID: CVE-2017-15391
https://crbug.com/598265
Common Vulnerability Exposure (CVE) ID: CVE-2017-15392
https://crbug.com/714401
Common Vulnerability Exposure (CVE) ID: CVE-2017-15393
https://crbug.com/732751
Common Vulnerability Exposure (CVE) ID: CVE-2017-15394
https://crbug.com/745580
Common Vulnerability Exposure (CVE) ID: CVE-2017-15395
https://crbug.com/759457
Common Vulnerability Exposure (CVE) ID: CVE-2017-15401
https://crbug.com/766260
CopyrightCopyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.