Google Chrome Multiple Vulnerabilities
Release Date : 2013-03-27
Criticality level : Highly critical
Impact : Unknown
Where : From remote
Solution Status: Unpatched
Software: Google Chrome 25.x
Multiple vulnerabilities have been reported in Google Chrome, where one has an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
1) A use-after-free error exists in Web Audio.
2) An out-of-bounds read error exists in URL loader.
3) A use-after-free error exists with pop-up windows in extensions.
4) A use-after-free error exists in extension bookmarks API.
5) The application does not properly ensure running isolated web sites in their own processes.
6) An unspecified error exists related to memory safety in the USB Apps API.
7) An error exists when verifying an extension's permissions API use in relation to file permissions.
8) An error exists due to pasting active tags in certain situations.
The vulnerabilities are reported in versions prior to 26.0.1410.43.
Upgrade to version 26.0.1410.43.
Provided and/or discovered by:
5) Reported by the vendor.
The vendor credits:
1) Atte Kettunen, OUSPG
2) Cris Neckar, Google Chrome Security Team
3, 4, 6) Mustafa Emre Acer, Google Chrome Security Team
7) Benjamin Kalman, Chromium development community
8) Subho Halder, Aditya Gupta, and Dev Kar, xys3c
Was this reply helpful? (0) (0)