Google Chrome Multiple Vulnerabilities
Last Update Date:
9 Jun 2011 10:49
Release Date:
9 Jun 2011
5501
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Google Chrome, which can be exploited by malicious people to disclose potentially sensitive information, conduct injection attacks, bypass certain security restrictions, and potentially compromise a user's system.
- A use-after-free error exists within the float handling, accessibility support, developer tools and image loader.
- An error related to CSS can be exploited to leak history information.
- An unspecified error can be exploited to bypass the extensions permissions.
- An error related to a stale pointer exists within the extension framework.
- An error related to extensions can be exploited to inject script code into new tab pages.
- An unspecified error related to history deletion can be exploited to corrupt browser memory.
- An unspecified error allows for "extension injection" into "chrome://" pages.
- An error within v8 and an error related to the DOM can be exploited to bypass the same origin restriction.
Impact
- Cross-Site Scripting
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Google Chrome 11.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to version 12.0.742.91.
Vulnerability Identifier
- CVE-2011-1808
- CVE-2011-1809
- CVE-2011-1810
- CVE-2011-1811
- CVE-2011-1812
- CVE-2011-1813
- CVE-2011-1814
- CVE-2011-1815
- CVE-2011-1816
- CVE-2011-1817
- CVE-2011-1818
- CVE-2011-1819
- CVE-2011-2332
- CVE-2011-2342
Source
Related Link
Share with