Ravens PHP Scripts

Google Chrome Multiple Vulnerabilities
Date: Monday, December 20, 2010 @ 21:33:58 PST
Topic: Security


SECUNIA ADVISORY ID: SA42605

VERIFY ADVISORY: Secunia.com: http://secunia.com/advisories/42605/

CRITICALITY: Highly Critical

RELEASE DATE: 2010-12-21

DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.



1) A validation error when performing message deserialisation can be exploited to cause a crash or potentially corrupt memory. This vulnerability affects 64-bit builds for Linux only.
2) An unspecified error when parsing Cascading Style Sheets (CSS) can be exploited to trigger an out-of-bounds read.
3) An unspecified error within cursor handling can be exploited to reference stale pointers.

SOLUTION: Update to version 8.0.552.224.

PROVIDED AND/OR DISCOVERED BY: The vendor credits:
1) Lei Zhang, Chromium development community
2) Chris Rohlf
3) Slawomir Blazek and Sergey Glazunov

ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3871