Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2015.0073 A number of vulnerabilities have been identified in Google Chrome 22 July 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: Windows UNIX variants (UNIX, Linux, OSX) Mobile Device Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Cross-site Scripting -- Remote with User Interaction Denial of Service -- Remote with User Interaction Provide Misleading Information -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Reduced Security -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2015-1289 CVE-2015-1288 CVE-2015-1287 CVE-2015-1286 CVE-2015-1285 CVE-2015-1284 CVE-2015-1283 CVE-2015-1282 CVE-2015-1281 CVE-2015-1280 CVE-2015-1279 CVE-2015-1278 CVE-2015-1277 CVE-2015-1276 CVE-2015-1275 CVE-2015-1274 CVE-2015-1273 CVE-2015-1272 CVE-2015-1271 CVE-2015-1270 Member content until: Friday, August 21 2015 OVERVIEW A number of vulnerabilities have been identified in Google Chrome prior to version 44.0.2403.89. [1] IMPACT The vendor has provided the following details regarding these issues: "This update includes 43 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information. [$3000][446032] High CVE-2015-1271: Heap-buffer-overflow in pdfium. Credit to cloudfuzzer. [$3000][459215] High CVE-2015-1273: Heap-buffer-overflow in pdfium. Credit to makosoft. [$TBD][461858] High CVE-2015-1274: Settings allowed executable files to run immediately after download. Credit to andrewm.bpi. [$7500][462843] High CVE-2015-1275: UXSS in Chrome for Android. Credit to WangTao(neobyte) of Baidu X-Team. [$TBD][472614] High CVE-2015-1276: Use-after-free in IndexedDB. Credit to Collin Payne. [$5500][483981] High CVE-2015-1279: Heap-buffer-overflow in pdfium. Credit to mlafon. [$5000][486947] High CVE-2015-1280: Memory corruption in skia. Credit to cloudfuzzer. [$1000][487155] High CVE-2015-1281: CSP bypass. Credit to Masato Kinugawa. [$TBD][487928] High CVE-2015-1282: Use-after-free in pdfium. Credit to Chamal de Silva. [$TBD][492052] High CVE-2015-1283: Heap-buffer-overflow in expat. Credit to sidhpurwala.huzaifa. [$2000][493243] High CVE-2015-1284: Use-after-free in blink. Credit to Atte Kettunen of OUSPG. [$7500][504011] High CVE-2015-1286: UXSS in blink. Credit to anonymous. [$1337][419383] Medium CVE-2015-1287: SOP bypass with CSS. Credit to filedescriptor. [$1000][444573] Medium CVE-2015-1270: Uninitialized memory read in ICU. Credit to Atte Kettunen of OUSPG. [$500][451456] Medium CVE-2015-1272: Use-after-free related to unexpected GPU process termination. Credit to Chamal de Silva. [479743] Medium CVE-2015-1277: Use-after-free in accessibility. Credit to SkyLined. [$500][482380] Medium CVE-2015-1278: URL spoofing using pdf files. Credit to Chamal de Silva. [$1337][498982] Medium CVE-2015-1285: Information leak in XSS auditor. Credit to gazheyes. [$500][479162] Low CVE-2015-1288: Spell checking dictionaries fetched over HTTP. Credit to mike@michaelruddy.com. As usual, our ongoing internal security work was responsible for a wide range of fixes: [512110] CVE-2015-1289: Various fixes from internal audits, fuzzing and other initiatives." [1] MITIGATION The vendor recommends updating to the latest version of Google Chrome to correct these issues. [1] REFERENCES [1] Tuesday, July 21, 2015 - Stable Channel Update http://googlechromereleases.blogspot.com.au/2015/07/stable-channel-update_21.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVa8s8n6ZAP0PgtI9AQJrRhAAvUIf0IVDgLvpoLM9yu2vi1fulHMMW4+U bUTR4gUbj9zzHoxdWRBgELphRmFBvQoGw0AitFKrUeGiZhwL7Y+l7zIuQDT0LzyS 6LHE2Xp0yMp3FyHR01xMtSKbOAcLOYdq9zsl9REpq/MqNL1Z1l4A3VDfHCL3MnTr beFwhEGZbavnzyo1bCkkN1ISMS5YYgWYPhtfDk7VnMj5VWi0LdL2phhubgfo79a3 Ic/3zBdVDGe2cWQIvS0k8gx9Ye4LF+JVujM0eK3mi+BjZUr3cauKxk8cgRfCb6B6 kpvdnzm0pm4T5Rn7N0FAMApvebP8Tyi2erFuXGw7E+bGev+bz+N7SHs7So9EMkpG z6osvFuv28E6HKm3IpSpOpRDlsCvE1wdtIqz2alRj0tG4ouorV70qjEvyhWNbWLK S9izEtCCsEeabV68448ow3/4O3hWTDZ7+mD5i6D/K6dXey2aEN2Y3no7k+eZuq8X zJulIpW04eE7KvW25Xt64eXRjX6NaQc4Q99A/JRx2LagQkAP9G+0qZ4cHcPZACAt VFPGHcG+UNmY0wiTseRpwgkTCp6m2N5y21OhGqEJf8cWFbLDmOzQOgZq7hKL9xHV HOJKkGIEZQpgSPr0SFW6ceyPAzVWzRiapA7SzJ6NR//EeTArrhOevYCfeLYanzib 6riiMHG5Eu8= =xWLA -----END PGP SIGNATURE-----