===========================================================================
AUSCERT Security Bulletin

ASB-2014.0132
Google has released Chrome 39.0.2171.65
19 November 2014
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:              Google Chrome
Operating System:     Windows
                      Linux variants
                      OS X
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Denial of Service               -- Remote with User Interaction
                      Provide Misleading Information  -- Remote with User Interaction
                      Access Confidential Data        -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2014-7910 CVE-2014-7909 CVE-2014-7908
                      CVE-2014-7907 CVE-2014-7906 CVE-2014-7905
                      CVE-2014-7904 CVE-2014-7903 CVE-2014-7902
                      CVE-2014-7901 CVE-2014-7900 CVE-2014-7899
                      CVE-2014-0574
Member content until: Friday, December 19 2014
Reference:            ASB-2014.0128
                      ESB-2014.2141
                      ESB-2014.2129

OVERVIEW

Google has released Chrome 39.0.2171.65, which includes 42 security fixes. [1]

IMPACT

Google has provided the following details regarding the major vulnerabilities:

"[$500][389734] High CVE-2014-7899: Address bar spoofing. Credit to Eli Grey.

[$1500][406868] High CVE-2014-7900: Use-after-free in pdfium. Credit to Atte Kettunen from OUSPG.

[$1000][413375] High CVE-2014-7901: Integer overflow in pdfium. Credit to cloudfuzzer.

[$1000][414504] High CVE-2014-7902: Use-after-free in pdfium. Credit to cloudfuzzer.

[$3000][414525] High CVE-2014-7903: Buffer overflow in pdfium. Credit to cloudfuzzer.

[$2000][418161] High CVE-2014-7904: Buffer overflow in Skia. Credit to Atte Kettunen from OUSPG.

[$2000][421817] High CVE-2014-7905: Flaw allowing navigation to intents that do not have the BROWSABLE category. Credit to WangTao(neobyte) of Baidu X-Team.

[$500][423030] High CVE-2014-7906: Use-after-free in pepper plugins. Credit to Chen Zhang (demi6od) of the NSFOCUS Security Team.

[$7500][423703] High CVE-2014-0574: Double-free in Flash. Credit to biloulehibou.

[$5000][424453] High CVE-2014-7907: Use-after-free in blink. Credit to Chen Zhang (demi6od) of the NSFOCUS Security Team.

[$500][425980] High CVE-2014-7908: Integer overflow in media. Credit to Christoph Diehl.

[$500][391001] Medium CVE-2014-7909: Uninitialized memory read in Skia. Credit to miaubiz." [1]

"We would also like to thank Atte Kettunen, Christian Holler, cloudfuzzer, and mmaliszkiewicz for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $16500 in additional rewards were issued.

As usual, our ongoing internal security work was responsible for a wide range of fixes:

[433500] CVE-2014-7910: Various fixes from internal audits, fuzzing and other initiatives." [1]

MITIGATION

The vendor recommends updating to the latest version of Google Chrome to correct these issues. [1]

REFERENCES

[1] Stable Channel Update
    http://googlechromereleases.blogspot.com.au/2014/11/stable-channel-update_18.html

AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)

AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only.
===========================================================================