Google Chrome Multiple Vulnerabilities

Posted on Thursday, March 18, 2010 @ 20:28:35 PDT in Security
by Raven

SECUNIA ADVISORY ID: SA39029

VERIFY ADVISORY: http://secunia.com/advisories/39029/

CRITICALITY: Highly Critical

DESCRIPTION: Some vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to conduct spoofing attacks and bypass certain security restrictions.



1) Some race conditions and pointer errors exist within the sandbox infrastructure.
2) An error exists related to persisted metadata such as Web Databases and STS.
3) The application processes HTTP headers before completing the SafeBrowsing check.
4) A memory error exists related to malformed SVG files.
5) Integer overflow errors exist within certain unspecified WebKit JavaScript objects.
6) The HTTP basic authentication dialog truncates URLs.
7) An unspecified error can be exploited to bypass the download warning dialog.
8) An unspecified error can be exploited to bypass the cross-origin policy.

SOLUTION: Update to version 4.1.249.1036.

PROVIDED AND/OR DISCOVERED BY: The vendor credits:
1) Mark Dowd, Google Chrome Security Team contractor
2) Chris Evans of the Google Chrome Security Team and RSnake of ha.ckers.org
3) Mike Dougherty of dotSyntax, LLC.
4) wushi of team509
5) Sergey Glazunov
6) Inferno of the Google Chrome Security Team
7, 8) kuzzcc

ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html
 
 
click Related        click Share
 
 
Associated Topics

Internet
 
News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 367,528,429
  • Today: 62,047
Server InfoServer Info
  • Sep 24, 2018
  • 04:19 pm PDT
 
 

Daily Inspiration