Skip to main content

Google Chrome Multiple Vulnerabilities

Last Update Date: 9 Oct 2014 10:08 Release Date: 9 Oct 2014 4074 Views

RISK: High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities have been identified in Google Chrome, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and compromise a vulnerable system.

  1. Some errors related to V8 and IPC can be exploited to execute arbitrary code outside the sandbox.
  2. An error in PDFium can be exploited to cause an out-of-bounds read access.
  3. A use-after-free error exists in Events, Rendering, DOM and Web Workers.
  4. A type confusion error exists in Session Management.
  5. An error within V8 and XSS Auditor can be exploited to disclose certain information.
  6. An error can be exploited to bypass permissions in sandbox.
  7. An error within V8 bindings can be exploited to cause a Release Assert.

Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Versions prior to 38.0.2125.101

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to version 38.0.2125.101.

Vulnerability Identifier


Source


Related Link