https://crbug.com/725032

https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html

GLSA-201706-20

1038765

99096

DSA-3926

RHSA-2017:1495

Several vulnerabilities have been discovered in the chromium web browser.

  - CVE-2017-5087     Ned Williamson discovered a way to escape the sandbox.

  - CVE-2017-5088     Xiling Gong discovered an out-of-bounds read issue in     the v8 JavaScript library.

  - CVE-2017-5089     Michal Bentkowski discovered a spoofing issue.

  - CVE-2017-5091     Ned Williamson discovered a use-after-free issue in     IndexedDB.

  - CVE-2017-5092     Yu Zhou discovered a use-after-free issue in PPAPI.

  - CVE-2017-5093     Luan Herrera discovered a user interface spoofing issue.

  - CVE-2017-5094     A type confusion issue was discovered in extensions.

  - CVE-2017-5095     An out-of-bounds write issue was discovered in the     pdfium library.

  - CVE-2017-5097     An out-of-bounds read issue was discovered in the skia     library.

  - CVE-2017-5098     Jihoon Kim discovered a use-after-free issue in the v8     JavaScript library.

  - CVE-2017-5099     Yuan Deng discovered an out-of-bounds write issue in     PPAPI.

  - CVE-2017-5100     A use-after-free issue was discovered in Chrome Apps.

  - CVE-2017-5101     Luan Herrera discovered a URL spoofing issue.

  - CVE-2017-5102     An uninitialized variable was discovered in the skia     library.

  - CVE-2017-5103     Another uninitialized variable was discovered in the     skia library.

  - CVE-2017-5104     Khalil Zhani discovered a user interface spoofing issue.

  - CVE-2017-5105     Rayyan Bijoora discovered a URL spoofing issue.

  - CVE-2017-5106     Jack Zac discovered a URL spoofing issue.

  - CVE-2017-5107     David Kohlbrenner discovered an information leak in SVG     file handling.

  - CVE-2017-5108     Guang Gong discovered a type confusion issue in the     pdfium library.

  - CVE-2017-5109     Jose Maria Acuna Morgado discovered a user interface     spoofing issue.

  - CVE-2017-5110     xisigr discovered a way to spoof the payments dialog.

  - CVE-2017-7000     Chaitin Security Research Lab discovered an information     disclosure issue in the sqlite library.

Update to .104. Fix mp3 playback. Security fix for CVE-2017-5087, CVE-2017-5088, CVE-2017-5089

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of Google Chrome installed on the remote macOS or Mac OS X host is prior to 59.0.3071.104. It is, therefore, affected by the following vulnerabilities :

  - A security bypass vulnerability exists in the IndexedDB     component that allows an unauthenticated, remote     attacker to bypass the sandbox. (CVE-2017-5087)

  - An out-of-bounds read error exists in the V8 component     that allows an unauthenticated, remote attacker to cause     a denial of service condition. (CVE-2017-5088)

  - An unspecified flaw exists in the Omnibox address bar     component that allows an unauthenticated, remote     attacker to spoof domains. (CVE-2017-5089)

  - Multiple unspecified vulnerabilities exist that allow an     unauthenticated, remote attacker to have a high severity     impact.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote Windows host is prior to 59.0.3071.104. It is, therefore, affected by the following vulnerabilities :

  - A security bypass vulnerability exists in the IndexedDB     component that allows an unauthenticated, remote     attacker to bypass the sandbox. (CVE-2017-5087)

  - An out-of-bounds read error exists in the V8 component     that allows an unauthenticated, remote attacker to cause     a denial of service condition. (CVE-2017-5088)

  - An unspecified flaw exists in the Omnibox address bar     component that allows an unauthenticated, remote     attacker to spoof domains. (CVE-2017-5089)

  - Multiple unspecified vulnerabilities exist that allow an     unauthenticated, remote attacker to have a high severity     impact.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote host is affected by the vulnerability described in GLSA-201706-20 (Chromium: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in the Chromium web       browser. Please review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly execute arbitrary code with the       privileges of the process, cause a Denial of Service condition, obtain       sensitive information, bypass security restrictions or spoof content.
  Workaround :

    There is no known workaround at this time.

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Chromium is an open source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 59.0.3071.104.

Security Fix(es) :

* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2017-5087, CVE-2017-5088, CVE-2017-5089)

This update to Chromium 59.0.3071.104 fixes the following security issues :

  - CVE-2017-5087: Sandbox Escape in IndexedDB

  - CVE-2017-5088: Out of bounds read in V8

  - CVE-2017-5089: Domain spoofing in Omnibox

  - Various fixes from internal audits, fuzzing and other     initiatives

The following tracked packaging changes are included :

  - In about dialog, refer to the build as 'openSUSE build'     (boo#1043420)

Google Chrome releases reports :

5 security fixes in this release, including :

- [725032] High CVE-2017-5087: Sandbox Escape in IndexedDB. Reported by Ned Williamson on 2017-05-22

- [729991] High CVE-2017-5088: Out of bounds read in V8. Reported by Xiling Gong of Tencent Security Platform Department on 2017-06-06

- [714196] Medium CVE-2017-5089: Domain spoofing in Omnibox. Reported by Michal Bentkowski on 2017-04-21

- [732498] Various fixes from internal audits, fuzzing and other initiatives

The version of Google Chrome installed on the remote host is prior to 59.0.3071.104, and is affected by multiple vulnerabilities :

 - A security bypass vulnerability exists in the IndexedDB component that allows an unauthenticated, remote attacker to bypass the sandbox. (CVE-2017-5087)
 - An out-of-bounds read error exists in the V8 component that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-5088)
 - An unspecified flaw exists in the Omnibox address bar component that allows an unauthenticated, remote attacker to spoof domains. (CVE-2017-5089)

ID	Name	Product	Family	Severity
102210	Debian DSA-3926-1 : chromium-browser - security update	Nessus	Debian Local Security Checks	high
101558	Fedora 26 : chromium (2017-01e4d46f23)	Nessus	Fedora Local Security Checks	high
101072	Fedora 24 : chromium (2017-c2e1dc46a1)	Nessus	Fedora Local Security Checks	high
101038	Fedora 25 : chromium (2017-e8a1e1e62a)	Nessus	Fedora Local Security Checks	high
100992	Google Chrome < 59.0.3071.104 Multiple Vulnerabilities (macOS)	Nessus	MacOS X Local Security Checks	high
100991	Google Chrome < 59.0.3071.104 Multiple Vulnerabilities	Nessus	Windows	high
100946	GLSA-201706-20 : Chromium: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
100902	RHEL 6 : chromium-browser (RHSA-2017:1495)	Nessus	Red Hat Local Security Checks	high
100862	openSUSE Security Update : chromium (openSUSE-2017-701)	Nessus	SuSE Local Security Checks	high
100861	FreeBSD : chromium -- multiple vulnerabilities (f53dd5cc-527f-11e7-a772-e8e0b747a45a)	Nessus	FreeBSD Local Security Checks	high
700135	Google Chrome < 59.0.3071.104 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	critical

CVE-2017-5087

high

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

critical