Vulnerability Description
The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_manager.cc, midi_manager_alsa.cc, and midi_manager_mac.cc, a different vulnerability than CVE-2015-8664.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | <= 47.0.2526.80 |
References
- http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_15.html
- http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00029.html
- http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00030.html
- http://rhn.redhat.com/errata/RHSA-2015-2665.html
- http://www.debian.org/security/2016/dsa-3456
- http://www.securityfocus.com/bid/79348
- http://www.securitytracker.com/id/1034491
- https://code.google.com/p/chromium/issues/detail?id=564501
- https://code.google.com/p/chromium/issues/detail?id=569486
- https://codereview.chromium.org/1500153002
- https://codereview.chromium.org/1508563003
- https://security.gentoo.org/glsa/201603-09
- http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_15.html
- http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00029.html
- http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00030.html
FAQ
What is CVE-2015-6792?
CVE-2015-6792 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application...
How severe is CVE-2015-6792?
CVE-2015-6792 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2015-6792?
Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome.