Google Chrome Multiple Vulnerabilities
Last Update Date: 27 Oct 2011 16:48
Release Date: 27 Oct 2011
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, conduct cross-site scripting attacks, and potentially compromise a user's system.
- An error within the history handling can be exploited to spoof the URL bar and display attacker-controlled content while the browser presents the certificate of a trusted site.
- An error can be exploited to spoof the URL bar by e.g. tricking the user into performing a drag and drop operation on specially crafted content.
- An error exists because the application strips whitespace at the end of download filenames.
- Certain input passed to the appcache internals page is not properly sanitised before being displayed. This can be exploited to execute arbitrary HTML and script code in the context of the appcache internals page.
- A race condition exists within the initialisation of worker processes.
- Various unspecified errors can be exploited to redirect to chrome scheme URIs, violate the cross-origin policy, and steal cookies.
- An unspecified error exists within the HTTP header delimiter handling.
- Use-after-free errors exist within the media buffer handling, the counter handling, the video source handling, and in plug-ins and editing.
- Various timing issues exist within the DOM traversal.
- Various issues related to stale styles can lead to use-after-free errors.
- Unspecified errors within v8 can be exploited to cause out-of-bounds writes.
- An error related to Web Audio can be exploited to cause a heap overflow.
- Internal v8 functions are exposed.
Impact
- Cross-Site Scripting
- Remote Code Execution
- Security Restriction Bypass
- Spoofing
System / Technologies affected
- Google Chrome 14.x
Solutions
Before installing the software, please visit the software manufacturer's website for more details.
- Upgrade to version 15.0.874.102.
Vulnerability Identifier
- CVE-2011-2845
- CVE-2011-3875
- CVE-2011-3876
- CVE-2011-3877
- CVE-2011-3878
- CVE-2011-3879
- CVE-2011-3880
- CVE-2011-3881
- CVE-2011-3882
- CVE-2011-3883
- CVE-2011-3884
- CVE-2011-3885
- CVE-2011-3886
- CVE-2011-3887
- CVE-2011-3888
- CVE-2011-3889
- CVE-2011-3890
- CVE-2011-3891