‫ Google Chrome Multiple Vulnerabilities


ID: IRCAD2014083481

Release Date: 2014-08-27

Criticality level: Highly critical

Google Chrome 36.x

Some vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system.

1) Some errors within V8, IPC, sync, and extensions can be exploited to execute arbitrary code outside the sandbox.

2) A use-after-free error exists within SVG.
3) A use-after-free error exists within DOM.

4) An error within Extension permission dialog can be exploited to spoof certain content.

5) A use-after-free error exists within bindings.
6) An error exists within extension debugging.
7) An uninitialized memory read error exists in WebGL.

8) An uninitialized memory read error exists in Web Audio.

9) Some unspecified errors exist. No further information is currently available.

Successful exploitation of the vulnerabilities #2, #3, and #5 may allow execution of arbitrary code.

The vulnerabilities are reported in versions prior to 37.0.2062.94.


Upgrade to version 37.0.2062.94 or later.



بدون نظر
شما برای نظر دادن باید وارد شوید


تاریخ ایجاد: 11 شهریور 1393


امتیاز شما
تعداد امتیازها:0