‫ Google Chrome Multiple Vulnerabilities

IRCAD2014023159
ID: IRCAD2014023159
Release Date: 2014-01-21
Criticality level: Highly critical
Software:

Google Chrome 32.x

Description:

Some vulnerabilities have been reported in Google Chrome, where some have an unspecified impact and others can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system.

1) An unspecified error exists related to relative paths in Windows sandbox named pipe policy.

2) A use-after-free error related to web contents can be exploited to cause memory corruption.

3) An unspecified error exists related to type casting in SVG.

4) A use-after-free error related to layout can be exploited to cause memory corruption.

5) An error in XSS auditor can be exploited to disclose certain information.

6) Another error in XSS auditor can be exploited to disclose certain information.

7) Another use-after-free error related to layout can be exploited to cause memory corruption.

8) An unspecified error exists in certificates validation in TLS handshake.

9) An error in drag and drop can be exploited to disclose unspecified information.

10) Some unspecified errors exist. No further information is currently available.

Successful exploitation of vulnerabilities #2, #4, and #7 may allow execution of arbitrary code.

The vulnerabilities are reported in versions prior to 33.0.1750.117.

Solution

Upgrade to version 33.0.1750.117.

References:
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 4 اسفند 1392

امتیاز

امتیاز شما
تعداد امتیازها:0