Google Chrome Multiple Vulnerabilities

Last Update Date: 9 Oct 2014 10:08 Release Date: 9 Oct 2014 3071 Views

RISK: High Risk

High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities have been identified in Google Chrome, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and compromise a vulnerable system.

  1. Some errors related to V8 and IPC can be exploited to execute arbitrary code outside the sandbox.
  2. An error in PDFium can be exploited to cause an out-of-bounds read access.
  3. A use-after-free error exists in Events, Rendering, DOM and Web Workers.
  4. A type confusion error exists in Session Management.
  5. An error within V8 and XSS Auditor can be exploited to disclose certain information.
  6. An error can be exploited to bypass permissions in sandbox.
  7. An error within V8 bindings can be exploited to cause a Release Assert.

Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Versions prior to 38.0.2125.101

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to version 38.0.2125.101.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apache HTTP Server mod_cache Denial of Service Vulnerability

7 Oct 2014 3377 Views

Next

Cisco ASA Multiple vulnerabilities

10 Oct 2014 2899 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY