Google Chrome Multiple Vulnerabilities
Last Update Date:
10 Jul 2013 14:26
Release Date:
10 Jul 2013
3482
Views
RISK: High Risk
TYPE: Clients - Browsers
Multipule vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious, local users to disclose potentially sensitive data and by malicious people to bypass certain security restrictions, conduct spoofing attacks, disclose certain sensitive data, and compromise a user's system.
- An unspecified error exists when setting up sign-in and sync.
- An unspecified error exists within sync of NPAPI extension component.
- An out-of-bounds read error exists within JPEG2000 handling.
- A use-after-free error exists within network sockets handling.
- An unspecified error related to HTTP in SSL can be exploited to conduct MitM (Man-in-the-Middle) attacks.
- A use-after-free error exists within input handling.
- A use-after-free error exists within resource loading.
- An unspecified error related to GL textures can be exploited to disclose certain screen data.
This vulnerability is reported on Microsoft Windows systems with NVIDIA adapters only. - An out-of-bounds read error exists in SVG handling.
- An unspecified error related to interstitials can be exploited to bypass certain unspecified security restrictions.
- An out-of-bounds read error exists within text handling.
- Some unspecified errors exist.
Impact
- Security Restriction Bypass
- Information Disclosure
- Spoofing
System / Technologies affected
- Google Chrome versions prior to 28.0.1500.71
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade Google Chrome versions 28.0.1500.71
Vulnerability Identifier
- CVE-2013-2853
- CVE-2013-2868
- CVE-2013-2869
- CVE-2013-2870
- CVE-2013-2871
- CVE-2013-2873
- CVE-2013-2874
- CVE-2013-2875
- CVE-2013-2876
- CVE-2013-2878
- CVE-2013-2879
- CVE-2013-2880
Source
Related Link
Share with