Google Chrome Multiple Vulnerabilities
Last Update Date:
9 Jun 2011 10:49
Release Date:
9 Jun 2011
5826
Views
RISK: High Risk
TYPE: Clients - Browsers
![TYPE: Browsers](/f/bulletin_type/100018/37p37/client-browsers.png)
Multiple vulnerabilities have been identified in Google Chrome, which can be exploited by malicious people to disclose potentially sensitive information, conduct injection attacks, bypass certain security restrictions, and potentially compromise a user's system.
- A use-after-free error exists within the float handling, accessibility support, developer tools and image loader.
- An error related to CSS can be exploited to leak history information.
- An unspecified error can be exploited to bypass the extensions permissions.
- An error related to a stale pointer exists within the extension framework.
- An error related to extensions can be exploited to inject script code into new tab pages.
- An unspecified error related to history deletion can be exploited to corrupt browser memory.
- An unspecified error allows for "extension injection" into "chrome://" pages.
- An error within v8 and an error related to the DOM can be exploited to bypass the same origin restriction.
Impact
- Cross-Site Scripting
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Google Chrome 11.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to version 12.0.742.91.
Vulnerability Identifier
- CVE-2011-1808
- CVE-2011-1809
- CVE-2011-1810
- CVE-2011-1811
- CVE-2011-1812
- CVE-2011-1813
- CVE-2011-1814
- CVE-2011-1815
- CVE-2011-1816
- CVE-2011-1817
- CVE-2011-1818
- CVE-2011-1819
- CVE-2011-2332
- CVE-2011-2342
Source
Related Link
Share with