Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT Security Bulletin
ASB-2015.0073
A number of vulnerabilities have been identified in Google Chrome
22 July 2015
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Google Chrome
Operating System: Windows
UNIX variants (UNIX, Linux, OSX)
Mobile Device
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Cross-site Scripting -- Remote with User Interaction
Denial of Service -- Remote with User Interaction
Provide Misleading Information -- Remote with User Interaction
Access Confidential Data -- Remote with User Interaction
Reduced Security -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2015-1289 CVE-2015-1288 CVE-2015-1287
CVE-2015-1286 CVE-2015-1285 CVE-2015-1284
CVE-2015-1283 CVE-2015-1282 CVE-2015-1281
CVE-2015-1280 CVE-2015-1279 CVE-2015-1278
CVE-2015-1277 CVE-2015-1276 CVE-2015-1275
CVE-2015-1274 CVE-2015-1273 CVE-2015-1272
CVE-2015-1271 CVE-2015-1270
Member content until: Friday, August 21 2015
OVERVIEW
A number of vulnerabilities have been identified in Google Chrome
prior to version 44.0.2403.89. [1]
IMPACT
The vendor has provided the following details regarding these
issues:
"This update includes 43 security fixes. Below, we highlight fixes
that were contributed by external researchers. Please see the
Chromium security page for more information.
[$3000][446032] High CVE-2015-1271: Heap-buffer-overflow in pdfium.
Credit to cloudfuzzer.
[$3000][459215] High CVE-2015-1273: Heap-buffer-overflow in pdfium.
Credit to makosoft.
[$TBD][461858] High CVE-2015-1274: Settings allowed executable files
to run immediately after download. Credit to andrewm.bpi.
[$7500][462843] High CVE-2015-1275: UXSS in Chrome for Android.
Credit to WangTao(neobyte) of Baidu X-Team.
[$TBD][472614] High CVE-2015-1276: Use-after-free in IndexedDB.
Credit to Collin Payne.
[$5500][483981] High CVE-2015-1279: Heap-buffer-overflow in pdfium.
Credit to mlafon.
[$5000][486947] High CVE-2015-1280: Memory corruption in skia.
Credit to cloudfuzzer.
[$1000][487155] High CVE-2015-1281: CSP bypass. Credit to Masato
Kinugawa.
[$TBD][487928] High CVE-2015-1282: Use-after-free in pdfium. Credit
to Chamal de Silva.
[$TBD][492052] High CVE-2015-1283: Heap-buffer-overflow in expat.
Credit to sidhpurwala.huzaifa.
[$2000][493243] High CVE-2015-1284: Use-after-free in blink. Credit
to Atte Kettunen of OUSPG.
[$7500][504011] High CVE-2015-1286: UXSS in blink. Credit to
anonymous.
[$1337][419383] Medium CVE-2015-1287: SOP bypass with CSS. Credit to
filedescriptor.
[$1000][444573] Medium CVE-2015-1270: Uninitialized memory read in
ICU. Credit to Atte Kettunen of OUSPG.
[$500][451456] Medium CVE-2015-1272: Use-after-free related to
unexpected GPU process termination. Credit to Chamal de Silva.
[479743] Medium CVE-2015-1277: Use-after-free in accessibility.
Credit to SkyLined.
[$500][482380] Medium CVE-2015-1278: URL spoofing using pdf files.
Credit to Chamal de Silva.
[$1337][498982] Medium CVE-2015-1285: Information leak in XSS
auditor. Credit to gazheyes.
[$500][479162] Low CVE-2015-1288: Spell checking dictionaries
fetched over HTTP. Credit to mike@michaelruddy.com.
As usual, our ongoing internal security work was responsible for a
wide range of fixes:
[512110] CVE-2015-1289: Various fixes from internal audits, fuzzing
and other initiatives." [1]
MITIGATION
The vendor recommends updating to the latest version of Google
Chrome to correct these issues. [1]
REFERENCES
[1] Tuesday, July 21, 2015 - Stable Channel Update
http://googlechromereleases.blogspot.com.au/2015/07/stable-channel-update_21.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBVa8s8n6ZAP0PgtI9AQJrRhAAvUIf0IVDgLvpoLM9yu2vi1fulHMMW4+U
bUTR4gUbj9zzHoxdWRBgELphRmFBvQoGw0AitFKrUeGiZhwL7Y+l7zIuQDT0LzyS
6LHE2Xp0yMp3FyHR01xMtSKbOAcLOYdq9zsl9REpq/MqNL1Z1l4A3VDfHCL3MnTr
beFwhEGZbavnzyo1bCkkN1ISMS5YYgWYPhtfDk7VnMj5VWi0LdL2phhubgfo79a3
Ic/3zBdVDGe2cWQIvS0k8gx9Ye4LF+JVujM0eK3mi+BjZUr3cauKxk8cgRfCb6B6
kpvdnzm0pm4T5Rn7N0FAMApvebP8Tyi2erFuXGw7E+bGev+bz+N7SHs7So9EMkpG
z6osvFuv28E6HKm3IpSpOpRDlsCvE1wdtIqz2alRj0tG4ouorV70qjEvyhWNbWLK
S9izEtCCsEeabV68448ow3/4O3hWTDZ7+mD5i6D/K6dXey2aEN2Y3no7k+eZuq8X
zJulIpW04eE7KvW25Xt64eXRjX6NaQc4Q99A/JRx2LagQkAP9G+0qZ4cHcPZACAt
VFPGHcG+UNmY0wiTseRpwgkTCp6m2N5y21OhGqEJf8cWFbLDmOzQOgZq7hKL9xHV
HOJKkGIEZQpgSPr0SFW6ceyPAzVWzRiapA7SzJ6NR//EeTArrhOevYCfeLYanzib
6riiMHG5Eu8=
=xWLA
-----END PGP SIGNATURE-----