Google Chrome Multiple Vulnerabilities
Last Update Date:
28 Jun 2012 11:55
Release Date:
28 Jun 2012
5171
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Google Chrome, which can be exploited by malicious people to disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.
- An unspecified error can be exploited to disclose the iFrame fragment ID, and interrupt other sandboxed processes.
- A use-after-free error exists within table section handling, counter layout handling, SVG resource handling, SVG painting, the Mac UI, first-letter handling and SVG reference handling.
- An unspecified error exists within texture handling and autofill display.
- An out-of-bounds read error exists within SVG filter handling, the PDF section and texture conversion.
- Integer overflow errors exist within the PDF section and the Matroska container.
- A error when setting array values can be exploited to defererence a NULL-pointer.
- A NULL-pointer dereference error exists within PDF image codec.
- An error within the PDF JS API can be exploited to cause a buffer overflow.
Impact
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Google Chrome 19.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to version 20.0.1132.43.
Vulnerability Identifier
- CVE-2012-2764
- CVE-2012-2815
- CVE-2012-2816
- CVE-2012-2817
- CVE-2012-2818
- CVE-2012-2819
- CVE-2012-2820
- CVE-2012-2821
- CVE-2012-2822
- CVE-2012-2823
- CVE-2012-2824
- CVE-2012-2826
- CVE-2012-2827
- CVE-2012-2828
- CVE-2012-2829
- CVE-2012-2830
- CVE-2012-2831
- CVE-2012-2832
- CVE-2012-2833
- CVE-2012-2834
Source
Related Link
Share with