Skip to main content

Google Chrome mutliple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 22 Apr 2010 5379 Views

RISK: Medium Risk

Multiple vulnerabilities have been identified in Google Chrome, which could be exploited by remote attackers to bypass restrictions, disclose sensitive information or compromise a vulnerable system.

1. An unspecified type confusion error with forms.

2. A HTTP request errors, which could allow cross site request forgery attacks.

3. An unspecified local file reference through developer tools.

4. An input validation error related to "chrome://net-internals", which could allow cross-site scripting attacks.

5. An input validation error related to "chrome://downloads", which could allow cross-site scripting attacks.

6. Certain pages being loaded with privileges of the New Tab page.

7. A memory corruption related to V8 bindings.


Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Google Chrome versions prior to 4.1.249.1059

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to Google Chrome version 4.1.249.1059 :
http://www.google.com/chrome


Vulnerability Identifier

  • No CVE information is available

Source