Google Chrome Multiple Vulnerabilities
Last Update Date:
9 Apr 2014 16:27
Release Date:
9 Apr 2014
4247
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by attacker to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
- An unspecified error within V8 can be exploited to conduct cross-site scripting attacks.
- An error within V8 can be exploited to cause an out-of-bounds memory access.
- An integer overflow error exists within compositor.
- A use-after-free error exists within web workers.
- A use-after-free error exists within DOM.
- An unspecified error within V8 can be exploited to cause memory corruption.
- A use-after-free error exists within rendering.
- An unspecified error exists when handling URLs containing RTL characters.
- A use-after-free error exists in speech.
- An error when handling certain window property can be exploited to cause an out-of-bounds read access.
- An unspecified error can be exploited to bypass certain cross-origin policies.
- A use-after-free error exists in forms.
- Some unspecified errors exist.
- Some other unspecified errors exist in V8.
- The application bundles a vulnerable version of Adobe Flash Player.
Impact
- Cross-Site Scripting
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- Google Chrome 33.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to version 34.0.1847.116.
Vulnerability Identifier
- CVE-2014-1716
- CVE-2014-1717
- CVE-2014-1718
- CVE-2014-1719
- CVE-2014-1720
- CVE-2014-1721
- CVE-2014-1722
- CVE-2014-1723
- CVE-2014-1724
- CVE-2014-1725
- CVE-2014-1726
- CVE-2014-1727
- CVE-2014-1728
- CVE-2014-1729
Source
Related Link
Share with