===========================================================================
AUSCERT Security Bulletin

ASB-2015.0113
A number of vulnerabilities have been identified in Google Chrome
3 December 2015

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:              Google Chrome
Operating System:     UNIX variants (UNIX, Linux, OSX)
                      Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Access Privileged Data -- Remote with User Interaction
                      Denial of Service -- Remote with User Interaction
                      Provide Misleading Information -- Remote with User Interaction
                      Reduced Security -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2015-6786 CVE-2015-6785 CVE-2015-6784
                      CVE-2015-6783 CVE-2015-6782 CVE-2015-6781
                      CVE-2015-6780 CVE-2015-6779 CVE-2015-6778
                      CVE-2015-6777 CVE-2015-6776 CVE-2015-6775
                      CVE-2015-6774 CVE-2015-6773 CVE-2015-6772
                      CVE-2015-6771 CVE-2015-6770 CVE-2015-6769
                      CVE-2015-6768 CVE-2015-6767 CVE-2015-6766
                      CVE-2015-6765 CVE-2015-6764
Member content until: Saturday, January 2 2016

OVERVIEW

A number of vulnerabilities have been identified in Google Chrome prior to
version 47.0.2526.73. [1]

IMPACT

The vendor has provided the following information about the
vulnerabilities:

"This update includes 41 security fixes. Below, we highlight fixes that
were contributed by external researchers. Please see the Chromium security
page for more information

[$10000][558589] Critical CVE-2015-6765: Use-after-free in AppCache. Credit to anonymous.
[$11337][551044] High CVE-2015-6766: Use-after-free in AppCache. Credit to anonymous.
[$10000][554908] High CVE-2015-6767: Use-after-free in AppCache. Credit to anonymous.
[$8000][556724] High CVE-2015-6768: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
[$7500][534923] High CVE-2015-6769: Cross-origin bypass in core. Credit to Mariusz Mlynski.
[$7500][541206] High CVE-2015-6770: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
[$7500][544991] High CVE-2015-6771: Out of bounds access in v8. Credit to anonymous.
[$7500][546545] High CVE-2015-6772: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
[$7500][554946] High CVE-2015-6764: Out of bounds access in v8. Credit to Guang Gong of Qihoo 360 via pwn2own.
[$5000][491660] High CVE-2015-6773: Out of bounds access in Skia. Credit to cloudfuzzer.
[$5000][549251] High CVE-2015-6774: Use-after-free in Extensions. Credit to anonymous.
[$3500][529012] High CVE-2015-6775: Type confusion in PDFium. Credit to Atte Kettunen of OUSPG.
[$3000][457480] High CVE-2015-6776: Out of bounds access in PDFium. Credit to Hanno Bock.
[$3000][544020] High CVE-2015-6777: Use-after-free in DOM. Credit to Long Liu of Qihoo 360Vulcan Team.
[$2000][514891] Medium CVE-2015-6778: Out of bounds access in PDFium. Credit to Karl Skomski.
[$2000][528505] Medium CVE-2015-6779: Scheme bypass in PDFium. Credit to Til Jasper Ullrich.
[$1000][490492] Medium CVE-2015-6780: Use-after-free in Infobars. Credit to Khalil Zhani.
[$1000][497302] Medium CVE-2015-6781: Integer overflow in Sfntly. Credit to miaubiz.
[$1000][536652] Medium CVE-2015-6782: Content spoofing in Omnibox. Credit to Luan Herrera.
[$1000][537205] Medium CVE-2015-6783: Signature validation issue in Android Crazy Linker. Credit to Michal Bednarski.
[$500][503217] Low CVE-2015-6784: Escaping issue in saved pages. Credit to Inti De Ceukelaire.
[$500][534542] Low CVE-2015-6785: Wildcard matching issue in CSP. Credit to Michael Ficarra / Shape Security.
[$500][534570] Low CVE-2015-6786: Scheme bypass in CSP. Credit to Michael Ficarra / Shape Security." [1]

MITIGATION

The vendor recommends updating to the latest version of Google Chrome to
correct these issues. [1]

REFERENCES

[1] Tuesday, December 1, 2015 - Stable Channel Update
    http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html

AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================