TITLE: Google Chrome Multiple Vulnerabilities Criticality level: Highly critical Impact: Security Bypass, Spoofing, System access, Unknown Where: From remote http://secunia.com/advisories/41888/ DESCRIPTION: Some vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and potentially compromise a user's system. 1) An unspecified error can be exploited to conduct "autofill / autocomplete profile spamming". 2) An unspecified error related to forms can be exploited to e.g. cause a crash. 3) An unspecified error related to form autofills can be exploited to e.g. cause a crash. 4) An unspecified error related to page unloads can be exploited to conduct URL spoofing attacks. 5) An unspecified error allows to bypass the pop-up blocker. 6) An unspecified error related to a shutdown with Web Sockets can be exploited to e.g. cause a crash. 7) An unspecified error exists within the generation of the PATH variable. Note: This only affects the Linux version. 8) An unspecified error related to animated GIFs can be exploited to cause a memory corruption. 9) An unspecified error exists within the sandboxing of worker processes. Note: This only affects the Linux version. 10) An unspecified error exists due to "stale elements in an element map". SOLUTION: Fixed in version 7.0.517.41. ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html ========================= The list's FAQ's can be seen by sending an email to PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line. To unsubscribe, subscribe, set Digest or Vacation to on or off, go to //www.freelists.org/list/pcworks . You can also send an email to PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your member list settings can be found at //www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have access to numerous other email options. The list archives are located at //www.freelists.org/archives/pcworks/ . All email posted to the list will be placed there in the event anyone needs to look for previous posts. -zxdjhu-