Google Chrome Multiple Vulnerabilities
Last Update Date:
14 Jan 2013 18:01
Release Date:
14 Jan 2013
5195
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
- A buffer overflow vulnerability exists in the bundled version of Adobe Flash Player.
- A use-after-free error exists when handling SVG layouts, certain DOM objects and certain fields in PDF files, seeking video and printing.
- An error when handling URLs can be exploited to bypass the same origin policy and the sandbox for worker processes (note: affects Mac only), and corrupt database metadata and access certain files.
- An unspecified error exists when handling certain filenames, and within v8 garbage collection and extension tab handling.
- An integer overflow error exists when handling audio IPC and JavaScript in PDF files, and in shared memory allocation (note: affects Windows only).
- Some out-of-bounds read errors exist when seeking video, handling images in PDF files, printing, and handling glyph.
- An out-of-bounds stack access error exists in v8.
- A bad cast error exists in PDF root handling.
Impact
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- Google Chrome 23.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to version 24.0.1312.52.
Vulnerability Identifier
- CVE-2012-5146
- CVE-2012-5145
- CVE-2012-5147
- CVE-2012-5148
- CVE-2012-5149
- CVE-2012-5150
- CVE-2012-5151
- CVE-2012-5152
- CVE-2012-5153
- CVE-2012-5154
- CVE-2012-5155
- CVE-2012-5156
- CVE-2012-5157
- CVE-2013-0828
- CVE-2013-0829
- CVE-2013-0830
- CVE-2013-0831
- CVE-2013-0832
- CVE-2013-0833
- CVE-2013-0834
- CVE-2013-0835
- CVE-2013-0836
- CVE-2013-0837
- CVE-2013-0838
Source
Related Link
Share with