Uni kid’s turn to shout.
Google has patched 33 Chrome vulnerabilities, including 13 rated high severity, with the release of version 53 of the world’s most popular web browser.
Six high-severity bugs were reported in Google’s native Adobe Reader wrecker PDFium, namely a use after free and five heap overflows, of which three were reported by GiWan Go of mobile app hack outfit Stealien.

Five mostly severe flaws were dug up in the Blink web browser engine, including two universal cross-site scripting holes, one use after free, a use after destruction, and a minor type confusion bug.
Massachusetts Institute of Technology computer science student Max Justicz scored US$7500 in beer money for reporting script injection in Chrome extensions.
All told, Google doled out US$56,500 (£42,568, A$74,860) to hackers reporting bugs, and likely more, since four have payouts that are yet to be decided.
Three of those are high-severity heap overflows in Chrome’s PDFium and are likely to bag about US$5000 each.

The fourth is a medium-severity SMB relay attack that abuses the Save Page As functionality.
Google has been on an exciting patch run of late, fixing 48 bugs in July.

The full list is below. ®
| Bounty | Google bug ID | Severity | CVE | Description | Credit |
|---|---|---|---|---|---|
| $1000 | 618037 | Medium | CVE-2016-5165 | Script injection in DevTools | Gregory Panakkal |
| $2000 | 637594 | Medium | CVE-2016-5164 | Universal XSS using DevTools | anonymous |
| $3000 | 633002 | High | CVE-2016-5154 | Heap overflow in PDFium | anonymous |
| $3000 | 630662 | High | CVE-2016-5155 | Address bar spoofing | anonymous |
| $3000 | 625404 | High | CVE-2016-5156 | Use after free in event bindings | jinmo123 |
| $3000 | 609680 | Medium | CVE-2016-5163 | Address bar spoofing | Rafay Baloch PTCL Etisalat (http://rafayhackingarticles.net) |
| $3500 | 631052 | High | CVE-2016-5153 | Use after destruction in Blink | Atte Kettunen of OUSPG |
| $500 | 576867 | Low | CVE-2016-5160 | Extensions web accessible resources bypass | @l33terally, FogMarks.com (@FogMarks) |
| $5000 | 637963 | High | CVE-2016-5150 | Use after free in Blink | anonymous |
| $5000 | 634716 | High | CVE-2016-5151 | Use after free in PDFium | anonymous |
| $5000 | 629919 | High | CVE-2016-5152 | Heap overflow in PDFium | GiWan Go of Stealien |
| $7500 | 628942 | High | CVE-2016-5147 | Universal XSS in Blink | anonymous |
| $7500 | 621362 | High | CVE-2016-5148 | Universal XSS in Blink | anonymous |
| $7500 | 573131 | High | CVE-2016-5149 | Script injection in extensions | Max Justicz (http://web.mit.edu/maxj/www/) |
| n/a | 622420 | Medium | CVE-2016-5161 | Type confusion in Blink | 62600BCA031B9EB5CB4A74ADDDD6771E working with Trend Micro’s Zero Day Initiative |
| n/a | 589237 | Medium | CVE-2016-5162 | Extensions web accessible resources bypass | Nicolas Golubovic |
| TBD | 632622 | High | CVE-2016-5157 | Heap overflow in PDFium | anonymous |
| TBD | 628890 | High | CVE-2016-5158 | Heap overflow in PDFium | GiWan Go of Stealien |
| TBD | 628304 | High | CVE-2016-5159 | Heap overflow in PDFium | GiWan Go of Stealien |
| TBD | 616429 | Medium | CVE-2016-5166 | SMB Relay Attack via Save Page As | Gregory Panakkal |
