Google Chrome 多個漏洞
最後更新
2014年10月09日 10:08
發佈日期:
2014年10月09日
1173
觀看次數
風險: 高度風險
類型: 用戶端 - 瀏覽器
Multiple vulnerabilities have been identified in Google Chrome, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and compromise a vulnerable system.
- Some errors related to V8 and IPC can be exploited to execute arbitrary code outside the sandbox.
- An error in PDFium can be exploited to cause an out-of-bounds read access.
- A use-after-free error exists in Events, Rendering, DOM and Web Workers.
- A type confusion error exists in Session Management.
- An error within V8 and XSS Auditor can be exploited to disclose certain information.
- An error can be exploited to bypass permissions in sandbox.
- An error within V8 bindings can be exploited to cause a Release Assert.
影響
- 遠端執行程式碼
- 繞過保安限制
- 資料洩露
受影響之系統或技術
- Versions prior to 38.0.2125.101
解決方案
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to version 38.0.2125.101.
漏洞識別碼
- CVE-2014-3188
- CVE-2014-3189
- CVE-2014-3190
- CVE-2014-3191
- CVE-2014-3192
- CVE-2014-3193
- CVE-2014-3194
- CVE-2014-3195
- CVE-2014-3196
- CVE-2014-3197
- CVE-2014-3198
- CVE-2014-3199
- CVE-2014-3200
資料來源
相關連結
分享至