Google Chrome Multiple Vulnerabilities
Last Update Date:
2 Apr 2012
Release Date:
30 Mar 2012
6034
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct cross-site scripting and spoofing attacks and compromise a user's system.
- Some errors exist in the bundled version of Adobe Flash Player.
- An error within certain interaction handling may allow cross-site scripting attacks in EUC-JP.
- An error in SVG text handling can be exploited to cause an out-of-bounds read.
- An error in text fragment handling can be exploited to cause an out-of-bounds read.
- An error exists within SPDY proxy certificate checking.
- An off-by-one error exists in OpenType sanitizer.
- A validation error exists within the handling of certain navigation requests from the renderer.
- A use-after-free error exists in SVG clipping.
- An unspecified error in Skia can be exploited to corrupt memory.
- An error exists in v8.
Impact
- Cross-Site Scripting
- Remote Code Execution
- Spoofing
System / Technologies affected
- Google Chrome versions prior to 18.0.1025.142.
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to version 18.0.1025.142.
Vulnerability Identifier
- CVE-2011-3057
- CVE-2011-3058
- CVE-2011-3059
- CVE-2011-3060
- CVE-2011-3061
- CVE-2011-3062
- CVE-2011-3063
- CVE-2011-3064
- CVE-2011-3065
- CVE-2012-0772
- CVE-2012-0773
Source
Related Link
Share with