Skip to main content

Google Chrome Multiple Vulnerabilities

Last Update Date: 10 Jul 2013 14:26 Release Date: 10 Jul 2013 4016 Views

RISK: High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multipule vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious, local users to disclose potentially sensitive data and by malicious people to bypass certain security restrictions, conduct spoofing attacks, disclose certain sensitive data, and compromise a user's system.

  1. An unspecified error exists when setting up sign-in and sync.
  2. An unspecified error exists within sync of NPAPI extension component.
  3. An out-of-bounds read error exists within JPEG2000 handling.
  4. A use-after-free error exists within network sockets handling.
  5. An unspecified error related to HTTP in SSL can be exploited to conduct MitM (Man-in-the-Middle) attacks.
  6. A use-after-free error exists within input handling.
  7. A use-after-free error exists within resource loading.
  8. An unspecified error related to GL textures can be exploited to disclose certain screen data.
    This vulnerability is reported on Microsoft Windows systems with NVIDIA adapters only.
  9. An out-of-bounds read error exists in SVG handling.
  10. An unspecified error related to interstitials can be exploited to bypass certain unspecified security restrictions.
  11. An out-of-bounds read error exists within text handling.
  12. Some unspecified errors exist.

Impact

  • Security Restriction Bypass
  • Information Disclosure
  • Spoofing

System / Technologies affected

  • Google Chrome versions prior to 28.0.1500.71

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade  Google Chrome versions 28.0.1500.71

Vulnerability Identifier


Source


Related Link