فا

‫ Google Chrome Multiple Vulnerabilities

IRCAD2014013078
ID: IRCAD2014013078
Release Date: 2014-01-14
Criticality level: Highly critical
Software:
Google Chrome 31.x
Description:
Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system.
1) A use-after-free error exists within web workers.
2) A use-after-free error exists related to forms.
3) An unspecified error can be exploited to spoof the address bar.
4) An error related to an unprompted sync with a Google account can be exploited to bypass certain security restrictions.
5) A use-after-free error exists related to speech input elements.
6) Multiple unspecified errors exist.
Successful exploitation of the vulnerabilities #1, #2, #5, and #6 may allow execution of arbitrary code.
The vulnerabilities are reported in the following products and versions:
* Google Chrome for Windows and Chrome Frame prior to version 32.0.1700.76.
* Google Chrome for Mac and Linux prior to version 32.0.1700.77.
Solution
Upgrade to a fixed version.
References:
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 25 دی 1392

امتیاز

امتیاز شما
تعداد امتیازها: 0