http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_15.html

openSUSE-SU-2015:2346

openSUSE-SU-2015:2347

RHSA-2015:2665

DSA-3456

79348

1034491

https://code.google.com/p/chromium/issues/detail?id=564501

https://code.google.com/p/chromium/issues/detail?id=569486

https://codereview.chromium.org/1500153002

https://codereview.chromium.org/1508563003

GLSA-201603-09

The remote host is affected by the vulnerability described in GLSA-201603-09 (Chromium: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in the Chromium web       browser. Please review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly execute arbitrary code with the       privileges of the process, cause a Denial of Service condition, obtain       sensitive information, or bypass security restrictions.
  Workaround :

    There is no known workaround at this time.

Several vulnerabilities were discovered in the chromium web browser.

  - CVE-2015-6792     An issue was found in the handling of MIDI files.

  - CVE-2016-1612     cloudfuzzer discovered a logic error related to receiver     compatibility in the v8 JavaScript library.

  - CVE-2016-1613     A use-after-free issue was discovered in the pdfium     library.

  - CVE-2016-1614     Christoph Diehl discovered an information leak in     Webkit/Blink.

  - CVE-2016-1615     Ron Masas discovered a way to spoof URLs.

  - CVE-2016-1616     Luan Herrera discovered a way to spoof URLs.

  - CVE-2016-1617     jenuis discovered a way to discover whether an HSTS     website had been visited.

  - CVE-2016-1618     Aaron Toponce discovered the use of weak random number     generator.

  - CVE-2016-1619     Keve Nagy discovered an out-of-bounds-read issue in the     pdfium library.

  - CVE-2016-1620     The chrome 48 development team found and fixed various     issues during internal auditing. Also multiple issues     were fixed in the v8 JavaScript library, version     4.7.271.17.

The version of Google Chrome on the remote host is prior to 47.0.2526.106 and is affected by the following vulnerabilities :

 - The 'WebCursor::Deserialize()' method in file 'common/cursors/webcursor.cc' is affected by an integer overflow condition that allows an attacker to execute arbitrary code. (CVE-2015-6792)
 - The 'MidiManagerAlsa::DispatchSendMidiData()' method in file 'media/midi/midi_manager_alsa.cc' contains an unspecified flaw that allows an attacker to execute arbitrary code outside of sandbox restrictions. (CVE-2015-8664)

In addition to these, the bundled Flash Player component in this version of Google Chrome may be affected by the following vulnerabilities :

 - A type confusion error exists that a remote attacker can exploit to execute arbitrary code. (CVE-2015-8644)
 - An integer overflow condition exists that a remote attacker can exploit to execute arbitrary code. (CVE-2015-8651)
 - Multiple use-after-free errors exist that a remote attacker can exploit to execute arbitrary code. (CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650)
 - Multiple memory corruption issues exist that allow a remote attacker to execute arbitrary code. (CVE-2015-8459, CVE-2015-8460, CVE-2015-8636, CVE-2015-8645)

Chromium was updated to 47.0.2525.106 to fix security issues.

Vulnerabilities were fixed under the following collective identifier :

  - CVE-2015-6792: Fixes from internal audits and fuzzing.
    [boo#959458]

Google Chrome Releases reports :

2 security fixes in this release, including :

- [569486] CVE-2015-6792: Fixes from internal audits and fuzzing.

Updated chromium-browser packages that fix two security issues are now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Chromium is an open source web browser, powered by WebKit (Blink).

Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2015-6792)

All Chromium users should upgrade to these updated packages, which contain Chromium version 47.0.2526.106, which corrects these issues.
After installing the update, Chromium must be restarted for the changes to take effect.

The version of Google Chrome installed on the remote Mac OS X host is prior to 47.0.2526.106. It is, therefore, affected by multiple vulnerabilities.

  - The WebCursor::Deserialize() method in file     common/cursors/webcursor.cc. is affected by an integer     overflow condition that allows an attacker to execute     arbitrary code.

  - The MidiManagerAlsa::DispatchSendMidiData() method in     file media/midi/midi_manager_alsa.cc contains a     unspecified flaw that allows an attacker to execute     arbitrary code outside of sandbox restrictions.

The version of Google Chrome installed on the remote Windows host is prior to 47.0.2526.106. It is, therefore, affected by multiple vulnerabilities :

  - The WebCursor::Deserialize() method in file     common/cursors/webcursor.cc. is affected by an integer     overflow condition that allows an attacker to execute     arbitrary code.

  - The MidiManagerAlsa::DispatchSendMidiData() method in     file media/midi/midi_manager_alsa.cc contains a     unspecified flaw that allows an attacker to execute     arbitrary code outside of sandbox restrictions.

ID	Name	Product	Family	Severity
89902	GLSA-201603-09 : Chromium: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
88425	Debian DSA-3456-1 : chromium-browser - security update	Nessus	Debian Local Security Checks	critical
9045	Google Chrome < 47.0.2526.106 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
87618	openSUSE Security Update : Chromium (openSUSE-2015-939)	Nessus	SuSE Local Security Checks	critical
87513	FreeBSD : chromium -- multiple vulnerabilities (bb7d4791-a5bf-11e5-a0e5-00262d5ed8ee)	Nessus	FreeBSD Local Security Checks	critical
87490	RHEL 6 : chromium-browser (RHSA-2015:2665)	Nessus	Red Hat Local Security Checks	critical
87418	Google Chrome < 47.0.2526.106 Multiple RCE (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
87417	Google Chrome < 47.0.2526.106 Multiple RCE	Nessus	Windows	critical

CVE-2015-6792

critical

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Tenable Plugins

critical

critical

high

critical

critical

critical

critical

critical