فا

‫ Google Chrome Multiple Vulnerabilities

ID: IRCAD2015013700
Release Date: 2015-01-22
Criticality level: Highly critical

Software:
Google Chrome 39.x

Description:
Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
1) An error within ICU can be exploited to corrupt memory.
2) A use-after-free error exists in IndexedDB.
3) A use-after-free error exists in WebAudio.
4) Another error within the ICU can be exploited to corrupt memory.
5) An error within V8 can be exploited to corrupt memory.
6) Another error within V8 can be exploited to corrupt memory.
7) A use-after-free error exists in DOM.
8) Another error within V8 can be exploited to corrupt memory.
9) Another use-after-free error exists in DOM.
10) Another use-after-free error exists in DOM.
11) A use-after-free error exists in FFmpeg.
12) Another use-after-free error exists in DOM.
13) A use-after-free error exists in Speech.
14) A use-after-free error exists in Views.
15) Another use-after-free error exists in FFmpeg.
16) An error within Fonts can be exploited to corrupt memory.
Successful exploitation of the vulnerabilities #1 through #‫16 may allow execution of arbitrary code.
17) An error within V8 can be exploited to bypass the same-origin policy.
18) An error related to an uninitialized value exists in V8.
19) An out-of-bounds read error exists in UI.
20) An error related to an uninitialized value exists in Fonts.
21) An out-of-bounds read error exists in Skia.
22) An out-of-bounds read error exists in PDFium.
23) Another out-of-bounds read error exists in PDFium.
24) An out-of-bounds read error exists in Fonts.
25) Another out-of-bounds read error exists in PDFium.
26) An error related to caching exists in AppCache.
27) Some unspecified errors exist. No further information is currently available.
28) Some unspecified errors exist in V8. No further information is currently available.
The vulnerabilities are reported in versions prior to 40.0.2214.91.

Solution
Upgrade to version 40.0.2214.91.

References:
Secunia:
 
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 5 بهمن 1393

امتیاز

امتیاز شما
تعداد امتیازها:0