This issue was addressed by updating Google Chrome to version 97.0.4692.75. CVE-2017-15411 In Google Chrome prior to version 74.0.3729.169, a user could open multiple tabs and navigate to different sites as each tab was still being loaded in memory. This allowed remote attackers to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15412 In Google Chrome prior to version 74.0.3729.169, multiple instances of a “Cross-Origin Read Blocked” error could be observed in the Developer Tools profiler. This occurred when opening a page with an XMLHttpRequest on the same domain and subdomain as the Developer Tools profiler. This allowed remote attackers to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15413 When launching media content in Google Chrome prior to version 74.0.3729.131, the media player would occasionally cause a crash. This occurred when rendering a remote video, audio, or plugin content. This allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15414 When launching media content in Google Chrome prior to version 74.0.3729.131, the media player would occasionally cause a crash. This occurred when a remote media plugin caused an unmapped memory access. This allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15415 In Google Chrome prior

^ ii to version 74.0.3729.131, a remote attacker could potentially exploit heap corruption via a crafted HTML page.

The fix for this issue is updating Google Chrome to version 74.0.3729.169

Mitigation and Detection

This issue was addressed by updating Google Chrome to version 74.0.3729.131. CVE-2017-15416 In Google Chrome prior to version 74.0.3729.131, a user could open multiple tabs and navigate to different sites as each tab was still being loaded in memory. This allowed remote attackers to potentially exploit heap corruption via a crafted HTML page.
Word count: 684

Timeline

Published on: 02/12/2022 00:15:00 UTC
Last modified on: 04/19/2022 03:33:00 UTC

References