‫ Three Security Fixes Included in Chrome 34.0.1847.137

Date: 2014-05-18

According to “softpedia”, the latest stable version of Google Chrome, 34.0.1847.137, includes three security fixes. The issues, all of which are high-severity, have been given the following CVE identifiers: CVE-2014-1740, CVE-2014-1741 and CVE-2014-1742.

-CVE-2014-1740: a use-after-free in WebSockets reported by Collin Payne.

-CVE-2014-1741: integer overflow flaw in DOM ranges reported by John Butler.

-CVE-2014-1742: use-after-free in editing reported by cloudfuzzer.

Two of the vulnerabilities were identified with AddressSanitizer. The latest Chrome stable channel update also brings Flash Player to version

Adobe has updated Flash Player to address six vulnerabilities, including a use-after-free reported by Zeguang Zhao of team509 and Liang Chen of Keen Team at Pwn2Own 2014.

The Flash Player security holes could have been exploited to bypass the same policy origin, bypass security mechanisms and execute arbitrary code.

Users are advised to update their installations as soon as possible.

Related Link:

Google Chrome Multiple Vulnerabilities



بدون نظر
شما برای نظر دادن باید وارد شوید


تاریخ ایجاد: 28 اردیبهشت 1393



امتیاز شما
تعداد امتیازها:0