If you have licensed a Flexera product that has provided access to Secunia Advisories, all use of Secunia Advisories is subject to your license agreement with Flexera. If you have not licensed a Flexera product that provides access to Secunia Advisories:
a) All use of Secunia Advisories is for non-commercial use only.
b) For further information, see the End User License Agreement or contact us.

If you are an IT security professional, request a free trial of Software Vulnerability Manager.

 
Highly critical

Google Chrome Multiple Vulnerabilities

-

Release Date:  2014-08-27    Last Update:  2014-08-29    Views:  4,992

Secunia Advisory SA60268

Where:

Log in with your Secunia community profile. If you are an IT security professional, request a trial of Vulnerability Intelligence Manager.

Impact:

Log in with your Secunia community profile. If you are an IT security professional, request a trial of Vulnerability Intelligence Manager.

Solution Status:

Log in with your Secunia community profile. If you are an IT security professional, request a trial of Vulnerability Intelligence Manager.

Software:

Log in with your Secunia community profile. If you are an IT security professional, request a trial of Vulnerability Intelligence Manager.

CVE Reference(s):

Log in with your Secunia community profile. If you are an IT security professional, request a trial of Vulnerability Intelligence Manager.

Description


Some vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system


Log in with your Secunia community profile to view the full description of this Advisory. If you are an IT security professional, request a trial of Vulnerability Intelligence Manager.

If you are not a member of the Secunia community, you can sign up here for free.

Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: Google Chrome Multiple Vulnerabilities

User Message
BankerBOE2 RE: Google Chrome Multiple Vulnerabilities
Member 31st Aug, 2014 16:36
Score: 3
Posts: 19
User Since: 19th Dec 2008
System Score: N/A
Location: UK
Last edited on 31st Aug, 2014 16:36
Downloaded and installed version 37.0.2062.4 but Secunia continues to report that version 36x is installed and requiring updating. After computer restart, continues to report same, even though version 36x is no longer on my computer - anywhere.

--
Windows 7 Professional 64-bit SP1
AMD A8-5600k APU w/Radeon HD Graphics 3.60 GHz
Internet Explorer 11, Firefox
16Gb RAM, 1Tb HD
Was this reply relevant?
+0
-0
Anthony Wells RE: Google Chrome Multiple Vulnerabilities
Expert Contributor 1st Sep, 2014 14:36
Score: 2542
Posts: 3,402
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi ,

Google leaves behind the "old" version when it updates and the PSI will detect this .

36.x will show as EOL or Insecure based on the 36.x .dll files folder and or the Icon chrome.old.exe file left behind in the ...\Chrome\Application\... folder .

How do you know 36.x is not anywhere on your system ?? Have you manually removed these files ?? After rebooting did you run a full scan (the PSI can take time to react) ??

How did/do you update Chrome ??

37.x has updated a second time within a couple of days from ....94 to ....102 both are on my PC but the PSI only detects ...102 ; ...94 may show up as a "zombie" file .

I use the PSI version 2.x , which version are you using ??

Anthony


--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0

-

You must be logged in to post a comment.