Vulnerability category: Local
Vulnerability level:
Vulnerability information
Google Chrome is a web browser for multiple platforms developed by Google.
This Google Chrome update fixes the following vulnerabilities:
CVE-2017-15407: Out of bounds write in QUIC
CVE-2017-15408: Heap buffer overflow in PDFium
CVE-2017-15409: Out of bounds write in Skia
CVE-2017-15410: Use after free in PDFium
CVE-2017-15411: Use after free in PDFium
CVE-2017-15412: Use after free in libXML
CVE-2017-15413: Type confusion in WebAssembly
CVE-2017-15415: Pointer information disclosure in IPC call
CVE-2017-15416: Out of bounds read in Blink
CVE-2017-15417: Cross origin information disclosure in Skia
CVE-2017-15418: Use of uninitialized value in Skia
CVE-2017-15419: Cross origin leak of redirect URL in Blink
CVE-2017-15420: URL spoofing in Omnibox
CVE-2017-15422: Integer overflow in ICU
CVE-2017-15423: Issue with SPAKE implementation in BoringSSL
CVE-2017-15424: URL Spoof in Omnibox
CVE-2017-15425: URL Spoof in Omnibox
CVE-2017-15426: URL Spoof in Omnibox
CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox
Affected Versions:
Google Chrome prior to 63.0.3239.84
QID Detection Logic (Authenticated)
It checks for a vulnerable version of Google Chrome.
Vulnerability impact
Successful exploitation of these vulnerabilities could allow a remote attacker to conduct unspecified attacks.
Solution
Customers are advised to upgrade to Google Chrome 63.0.3239.84 or a later version.
Patch:
Following are links for downloading patches to fix the vulnerabilities: