Hash: SHA256

                         AUSCERT Security Bulletin

      Multiple vulnerabilities have been identified in Google Chrome
                               10 March 2017


        AusCERT Security Bulletin Summary

Product:              Google Chrome
Operating System:     Windows
                      OS X
                      Linux variants
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Denial of Service               -- Remote with User Interaction
                      Provide Misleading Information  -- Remote with User Interaction
                      Access Confidential Data        -- Remote with User Interaction
                      Reduced Security                -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2017-5046 CVE-2017-5045 CVE-2017-5044
                      CVE-2017-5043 CVE-2017-5042 CVE-2017-5041
                      CVE-2017-5040 CVE-2017-5039 CVE-2017-5038
                      CVE-2017-5037 CVE-2017-5036 CVE-2017-5035
                      CVE-2017-5034 CVE-2017-5033 CVE-2017-5032
                      CVE-2017-5031 CVE-2017-5030 CVE-2017-5029
Member content until: Sunday, April  9 2017


        Multiple vulnerabilities have been identified in Google Chrome prior
        to version 57.0.2987.98 [1]


        The vendor has provided the following details regarding the 
        "This update includes 36 security fixes. Below, we highlight fixes
        that were contributed by external researchers. Please see the Chrome
        Security Page for more information.
        [$7500][682194] High CVE-2017-5030: Memory corruption in V8. Credit
        to Brendon Tiszka
        [$5000][682020] High CVE-2017-5031: Use after free in ANGLE. Credit
        to Looben Yang
        [$3000][668724] High CVE-2017-5032: Out of bounds write in PDFium. 
        Credit to Ashfaq Ansari - Project Srishti
        [$3000][676623] High CVE-2017-5029: Integer overflow in libxslt. 
        Credit to Holger Fuhrmannek
        [$3000][678461] High CVE-2017-5034: Use after free in PDFium. Credit
        to Ke Liu of Tencent's Xuanwu LAB
        [$3000][688425] High CVE-2017-5035: Incorrect security UI in 
        Omnibox. Credit to Enzo Aguado
        [$3000][691371] High CVE-2017-5036: Use after free in PDFium. Credit
        to Anonymous
        [$1000][679640] High CVE-2017-5037: Multiple out of bounds writes in
        ChunkDemuxer. Credit to Yongke Wang of Tencent's Xuanwu Lab 
        [$500][679649] High CVE-2017-5039: Use after free in PDFium. Credit
        to jinmo123
        [$2000][691323] Medium CVE-2017-5040: Information disclosure in V8.
        Credit to Choongwoo Han
        [$1000][642490] Medium CVE-2017-5041: Address spoofing in Omnibox. 
        Credit to Jordi Chancel
        [$1000][669086] Medium CVE-2017-5033: Bypass of Content Security 
        Policy in Blink. Credit to Nicolai Grødum
        [$1000][671932] Medium CVE-2017-5042: Incorrect handling of cookies
        in Cast. Credit to Mike Ruddy
        [$1000][695476] Medium CVE-2017-5038: Use after free in GuestView. 
        Credit to Anonymous
        [$1000][683523] Medium CVE-2017-5043: Use after free in GuestView. 
        Credit to Anonymous
        [$1000][688987] Medium CVE-2017-5044: Heap overflow in Skia. Credit
        to Kushal Arvind Shah of Fortinet's FortiGuard Labs
        [$500][667079] Medium CVE-2017-5045: Information disclosure in XSS 
        Auditor. Credit to Dhaval Kapil (vampire)
        [$500][680409] Medium CVE-2017-5046: Information disclosure in 
        Blink. Credit to Masato Kinugawa
        We would also like to thank all security researchers that worked 
        with us during the development cycle to prevent security bugs from 
        ever reaching the stable channel.
        As usual, our ongoing internal security work was responsible for a 
        wide range of fixes:
        [699618] Various fixes from internal audits, fuzzing and other 
        Many of our security bugs are detected using AddressSanitizer, 
        MemorySanitizer, Control Flow Integrity, or libFuzzer." [1]


        The vendor advises users to upgrade to the latest version to fix 
        these issues. [1]


        [1] Stable Channel Update for Desktop

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

Australian Computer Emergency Response Team
The University of Queensland
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
Comment: http://www.auscert.org.au/render.html?it=1967