Google Chrome Multiple Vulnerabilities
Last Update Date:
6 Mar 2012 11:12
Release Date:
6 Mar 2012
4412
Views
RISK: Medium Risk
TYPE: Clients - Browsers
Multipule vulnerabilities have been identified in Google Chrome, where one has an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
- A use-after-free error exists within v8 element wrapper handling.
- A use-after-free error exists within SVG value handling.
- A buffer overflow exists within the Skia drawing library.
- A use-after-free error exists within SVG document handling.
- A use-after-free error exists within SVG use handling.
- A casting error exists within line box handling.
- A casting error exists within anonymous block splitting.
- A use-after-free error exists within multi-column handling.
- A use-after-free error exists within quote handling.
- An out-of-bounds read error exists within text handling.
- A use-after-free error exists within class attribute handling.
- A use-after-free error exists within table section handling.
- A use-after-free error exists within flexbox with floats handling.
- A use-after-free error exists within SVG animation elements handling.
- The application bundles a vulnerable version of the Adobe Flash player.
Impact
- Cross-Site Scripting
- Security Restriction Bypass
System / Technologies affected
- Google Chrome 17.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 17.0.963.65.
Vulnerability Identifier
- CVE-2011-3031
- CVE-2011-3032
- CVE-2011-3033
- CVE-2011-3034
- CVE-2011-3035
- CVE-2011-3036
- CVE-2011-3037
- CVE-2011-3038
- CVE-2011-3039
- CVE-2011-3040
- CVE-2011-3041
- CVE-2011-3042
- CVE-2011-3043
- CVE-2011-3044
- CVE-2012-0751
- CVE-2012-0752
- CVE-2012-0753
- CVE-2012-0754
- CVE-2012-0755
- CVE-2012-0756
- CVE-2012-0767
Source
Related Link
Share with