Skip to main content

Google Chrome Multiple Vulnerabilities

Last Update Date: 2 Apr 2012 Release Date: 30 Mar 2012 6034 Views

RISK: High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities have been identified in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct cross-site scripting and spoofing attacks and compromise a user's system.

  1. Some errors exist in the bundled version of Adobe Flash Player.
  2. An error within certain interaction handling may allow cross-site scripting attacks in EUC-JP.
  3. An error in SVG text handling can be exploited to cause an out-of-bounds read.
  4. An error in text fragment handling can be exploited to cause an out-of-bounds read.
  5. An error exists within SPDY proxy certificate checking.
  6. An off-by-one error exists in OpenType sanitizer.
  7. A validation error exists within the handling of certain navigation requests from the renderer.
  8. A use-after-free error exists in SVG clipping.
  9. An unspecified error in Skia can be exploited to corrupt memory.
  10. An error exists in v8.

Impact

  • Cross-Site Scripting
  • Remote Code Execution
  • Spoofing

System / Technologies affected

  • Google Chrome versions prior to 18.0.1025.142.

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to version 18.0.1025.142.

Vulnerability Identifier


Source


Related Link