[PCWorks] Google Chrome Multiple Vulnerabilities

  • From: "Clint Hamilton-PCWorks Admin" <PCWorks@xxxxxxxxxxxxxxxxxxxxxxxx>
  • To: "PCWorks@xxxxxxxxxxxxx" <pcworks@xxxxxxxxxxxxx>
  • Date: Thu, 27 Sep 2012 03:30:57 -0500

TITLE:
Google Chrome Multiple Vulnerabilities

Criticality level:  Highly critical
Impact:  Security Bypass, Cross Site Scripting, System access
Where:  From remote

Software:  Google Chrome 21.x

SECUNIA ADVISORY ID:
http://secunia.com/advisories/50759/

DESCRIPTION:
Multiple vulnerabilities have been reported in Google Chrome, where
some have an unknown impact and others can be exploited by malicious
people to conduct cross-site scripting attacks, bypass certain
security restrictions, and compromise a user's system.

1) Certain unspecified input related to frame handling is not
properly sanitised before being returned to the user. This can be
exploited to execute arbitrary HTML and script code in a user's
browser session in context of an affected site.

2) Certain unspecified input within v8 bindings is not properly
sanitised before being returned to the user. This can be exploited to
execute arbitrary HTML and script code in a user's browser session in
context of an affected site.

3) An error exists within plugin handling and can be exploited to
cause DOM tree corruption.

4) An error due to SSE2 optimizations can be exploited to cause a
buffer overflow.

5) An error exists within Skia and can be exploited to cause an
out-of-bounds write.

6) A use-after-free error exists within onclick handling.

7) A use-after-free error exists related to SVG text references.

8) An integer overflow error exists related to WebGL handling.

9) An unspecified error can be exploited to cause DOM topology
corruption.

10) An error exists within Skia and can be exploited to cause an
out-of-bounds write.

11) Some weaknesses exist in the PDF viewer.

12) A use-after-free error exists within the plug-in handling.

13) A race condition exists when handling plug-in paint buffers.

14) An error when handling OGG containers can be exploited to
reference an invalid pointer.

15) A double-free error exists on exit.

16) A use-after-free error exists within the PDF viewer.

17) An unspecified error exists and can be exploited to bypass the
pop-up block.

18) A double-free error exists within XSL transforms.

19) Some errors within the PDF viewer can be exploited to cause an
out-of-bounds write.

SOLUTION:
Upgrade to version 22.0.1229.79.

ORIGINAL ADVISORY:
Google:
http://googlechromereleases.blogspot.dk/2012/09/stable-channel-update_25.html

