Google Chrome Multiple Vulnerabilities
Last Update Date:
8 Nov 2012 11:56
Release Date:
8 Nov 2012
5701
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
- The application bundles a vulnerable version of Adobe Flash Player. For more information, please refer to SA12110801.
- An integer overflow error exists in WebP handling.
- An error in v8 can be exploited to cause an out-of-bounds array access.
- A use-after-free error exists in SVG filter, video layout, extension tab and plug-in placeholder handling.
- An error exists related to integer boundary checks within GPU command buffers.
- An error exists related to inappropriate loading of SVG subresource in "img" context.
- A race condition error exists in Pepper buffer handling.
- A type casting error exists in certain input handling.
- An error in Skia can be exploited to cause an out-of-bounds read.
- An error in texture handling and v8 can be exploited to corrupt memory.
Impact
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- Version prior to 23.0.1271.64
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to version 23.0.1271.64.
Vulnerability Identifier
- CVE-2012-5115
- CVE-2012-5116
- CVE-2012-5117
- CVE-2012-5118
- CVE-2012-5119
- CVE-2012-5120
- CVE-2012-5121
- CVE-2012-5122
- CVE-2012-5123
- CVE-2012-5124
- CVE-2012-5125
- CVE-2012-5126
- CVE-2012-5127
- CVE-2012-5128
- CVE-2012-5274
- CVE-2012-5275
- CVE-2012-5276
- CVE-2012-5277
- CVE-2012-5278
- CVE-2012-5279
- CVE-2012-5280
Source
Related Link
Share with