Source: www.nessus.org --- Saturday, April 30, 2016
Synopsis : A web browser installed on the remote Windows host is affected by multiple vulnerabilities. Description : The version of Google Chrome installed on the remote Windows host is prior to 50.0.2661.94. It is, therefore, affected by multiple vulnerabilities : - An out-of-bounds write error exists in Blink that allows a context-dependent attacker to execute arbitrary code. (CVE-2016-1660) - A flaw exists due to improper validation of user-supplied input when handling cross-process frames. A context-dependent attacker can exploit this to corrupt memory, resulting in the execution of arbitrary code. (CVE-2016-1661) - A use-after-free error exists in the extensions component. A context-dependent attacker can exploit this to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1662) - A use-after-free free error exists in Blink's V8 bindings. A context-dependent attacker can exploit this to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1663) - An unspecified flaw exists that allows a context-dependent attacker to spoof the address bar. (CVE-2016-1664) - An unspecified flaw exists in V8 that allows a context-dependent attacker to disclose sensitive information. (CVE-2016-1665) - Multiple unspecified vulnerabilities exist that allow a a context-dependent attacker to execute arbitrary code. (CVE-2016-1666) See also : http://ift.tt/1VXZ5ze Sol ...
from Windows http://ift.tt/1r43XW1
No comments:
Post a Comment