跳至主內容

Google Chrome 多個漏洞

最後更新 2014年10月09日 10:08 發佈日期: 2014年10月09日 1173 觀看次數

風險: 高度風險

類型: 用戶端 - 瀏覽器

類型: 瀏覽器

Multiple vulnerabilities have been identified in Google Chrome, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and compromise a vulnerable system.

  1. Some errors related to V8 and IPC can be exploited to execute arbitrary code outside the sandbox.
  2. An error in PDFium can be exploited to cause an out-of-bounds read access.
  3. A use-after-free error exists in Events, Rendering, DOM and Web Workers.
  4. A type confusion error exists in Session Management.
  5. An error within V8 and XSS Auditor can be exploited to disclose certain information.
  6. An error can be exploited to bypass permissions in sandbox.
  7. An error within V8 bindings can be exploited to cause a Release Assert.

影響

  • 遠端執行程式碼
  • 繞過保安限制
  • 資料洩露

受影響之系統或技術

  • Versions prior to 38.0.2125.101

解決方案

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to version 38.0.2125.101.

漏洞識別碼


資料來源


相關連結