- Home
- CVEs with nessus.description==The version of Google Chrome installed on the remote Windows host is
prior to 49.0.2623.75. It is, therefore, affected by multiple
vulnerabilities :
- Multiple overflow conditions exist in the libpng library
in the png_set_PLTE() and png_get_PLTE() functions due
to improper handling of bit depths less than eight. A
remote attacker can exploit this, via a specially
crafted PNG image, to cause a denial of service
condition or the execution of arbitrary code.
(CVE-2015-8126)
- An unspecified flaw exists in Blink that allows an
attacker to bypass the same-origin policy.
(CVE-2016-1630)
- An unspecified flaw exists in the Pepper plugin that
allows an attacker to bypass the same-origin policy.
(CVE-2016-1631)
- A bad cast flaw exists in the Extensions component that
allows an attacker to have an unspecified impact.
(CVE-2016-1632)
- Multiple use-after-free errors exist in Blink. A remote
attacker can exploit these issues to dereference already
freed memory, resulting in the execution of arbitrary
code. (CVE-2016-1633, CVE-2016-1634, CVE-2016-1635)
- An unspecified flaw exists that allows an attacker to
bypass SRI validation. (CVE-2016-1636)
- An unspecified flaw exists that allows an attacker to
disclose sensitive information. (CVE-2016-1637)
- An unspecified flaw exists that allows an attacker to
bypass the webAPI. (CVE-2016-1638)
- A use-after-free error exists in WebRTC. A remote
attacker can exploit this issue to dereference already
freed memory, resulting in the execution of arbitrary
code. (CVE-2016-1639)
- An unspecified origin confusion flaw exists in the
Extensions UI that allows an attacker to have an
unspecified impact. (CVE-2016-1640)
- A use-after-free error exists in Favicon. A remote
attacker can exploit this issue to dereference already
freed memory, resulting in the execution of arbitrary
code. (CVE-2016-1641)
- Multiple flaws exist that allow a remote attacker to
execute arbitrary code. (CVE-2016-1642)
- Multiple unspecified flaws exist in Google V8 in
runetime-scopes.cc that allows an attacker to cause a
denial of service condition or the execution of
arbitrary code. (CVE-2016-2843
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top