Google Chrome Multiple Vulnerabilities
Last Update Date:
10 Apr 2012 14:13
Release Date:
10 Apr 2012
5315
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Google Chrome where some have unknown impacts while others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
- Two unspecified errors in Flash Player can be exploited to corrupt memory in the Chrome interface.
- An out-of-bounds read error exists when handling Skia clipping.
- An error exists within the cross-origin policy when handling iframe replacement.
- A use-after-free error exists when handling run-ins.
- A use-after-free error exists when handling line boxes.
- A use-after-free error exits when handling v8 bindings.
- A use-after-free error exits when handling HTMLMediaElement.
- An error exists within the cross-origin policy when parenting pop-up windows.
- A use-after-free error exists when handling SVG resources.
- A use-after-free error exists when handling media content.
- A use-after-free error exists when applying style commands.
- A use-after-free error exists when handling focus events.
- A read-after-free error exists within script bindings.
Impact
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- Google Chrome versions prior to 18.0.1025.151.
Solutions
- Update to version 18.0.1025.151.
Vulnerability Identifier
- CVE-2011-3066
- CVE-2011-3067
- CVE-2011-3068
- CVE-2011-3069
- CVE-2011-3070
- CVE-2011-3071
- CVE-2011-3072
- CVE-2011-3073
- CVE-2011-3074
- CVE-2011-3075
- CVE-2011-3076
- CVE-2011-3077
- CVE-2012-0724
- CVE-2012-0725
Source
Related Link
Share with