CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
87.6%
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions and obtain sensitive information.
Below is a complete list of vulnerabilities
Technical details
Vulnerability (1) caused by CSP implementation which does not ignore URL’s path during ServiceWorker fetch. Success exploitation of this vulnerability can lead to disclosure of information about visited web pages by reading CSP violation reports. This vulnerability related to FrameFetchContext.cpp and ResourceFetcher.cpp
Vulnerability (2) caused by lack of detection whether anonymous block wrapper exists or not. This vulnerability related to WebKit/Source/core/layout/LayoutBlock.cpp
Vulnerability (5) can be exploited via an image download after a certain data structure is deleted. This vulnerability related to content/browser/web_contents/web_contents_impl.cc
Vulnerability (6) caused by Web Store inline installer implementation in Extensions UI which does not block installations upon deletion of an installation frame. Exploitation of this vulnerability can lead lead user to believing that installation request originated by next navigation target.
Vulnerability (7) related to browser/extensions/api/webrtc_audio_private/webrtc_audio_private_api.cc and can be exploited via leveraging incorrect reliance on the resource context pointer.
Vulnerability (8) related to extensions/renderer/resources/platform_app.js
Vulnerability (9) caused by mishandling of asctangent calculations and related to SkATan2_255 function in effects/gradients/SkSweepGradient.cpp
Vulnerability (10) caused by checking memory-cache information about integrity-check occurrences instead of integrity-check successes, and can be can be exploited via two loads of the same resource. Successful exploitation of this vulnerability can lead to bypass of Subresource Integrity protection. This vulnerability related to PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp
Vulnerability (11) caused by improper considering objects lifetimes and re-entrancy during OnDocumentElementCreated handling. This vulnerability related to extensions/renderer/render_frame_observer_natives.cc
Vulnerability (12) related to StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp and can be exploited via triggering Cascade Style Sheets invalidation during certain subtree-removal action.
Vulnerability (13) can be exploited by JavaScript code which triggers an incorrect cast. This vulnerability related to extensions/renderer/v8_helpers.h and gin/converter.h
Vulnerability (14) caused by mishandle of nested message loops and related to PPB_Flash_MessageLoop_Impl::InternalRun function in content/renderer/pepper/ppb_flash_message_loop_impl.cc. Exploitation of this vulnerability can lead to Same Origin Policy Bypass.
Vulnerability (15) caused by mishandle of widget updates and caused by ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp. Exploitation of this vulnerability can lead to Same Origin Bypass.
CVE-2016-1632 high
CVE-2016-1633 critical
CVE-2016-1638 high
CVE-2016-1639 critical
CVE-2016-1640 warning
CVE-2016-1641 critical
CVE-2016-1634 critical
CVE-2016-1635 critical
CVE-2016-1636 critical
CVE-2016-1637 warning
CVE-2016-1631 high
CVE-2016-1642 critical
CVE-2016-2843 critical
CVE-2016-1630 high
CVE-2016-2844 critical
CVE-2016-2845 warning
Update to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
87.6%