SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Web Browser)  >   Google Chrome Vendors:   Google
Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1025882
SecurityTracker URL:  http://securitytracker.com/id/1025882
CVE Reference:   CVE-2011-2358, CVE-2011-2359, CVE-2011-2360, CVE-2011-2361, CVE-2011-2782, CVE-2011-2783, CVE-2011-2784, CVE-2011-2785, CVE-2011-2786, CVE-2011-2787, CVE-2011-2788, CVE-2011-2789, CVE-2011-2790, CVE-2011-2791, CVE-2011-2792, CVE-2011-2793, CVE-2011-2794, CVE-2011-2795, CVE-2011-2796, CVE-2011-2797, CVE-2011-2798, CVE-2011-2799, CVE-2011-2800, CVE-2011-2801, CVE-2011-2802, CVE-2011-2803, CVE-2011-2804, CVE-2011-2805, CVE-2011-2818, CVE-2011-2819   (Links to External Site)
Date:  Aug 3 2011
Impact:   Denial of service via network, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 13.0.782.107
Description:   Multiple vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted HTML that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

An extension install may not always be confirmed via a browser dialog [CVE-2011-2358]. Sergey Glazunov reported this vulnerability.

A stale pointer error can be triggered due to bad line box tracking in rendering [CVE-2011-2359]. miaubiz and Martin Barbella reported this vulnerability.

A remote user can potentially bypass the dangerous file prompt [CVE-2011-2360]. kuzzcc reported this vulnerability.

Improve designation of strings in the basic auth dialog [CVE-2011-2361]. kuzzcc reported this vulnerability.

File permissions errors may occur during a drag and drop operation on Linux-based systems [CVE-2011-2782]. Evan Martin of the Chromium development community reported this vulnerability.

A developer mode NPAPI extension install may not always be confirmed via a browser dialog [CVE-2011-2783]. Sergey Glazunov reported this vulnerability.

A file path may be disclosed in the GL program log [CVE-2011-2784]. kuzzcc reported this vulnerability.

The homepage URL is not sanitized in extensions [CVE-2011-2785]. kuzzcc reported this vulnerability.

The speech input bubble may not always be on-screen [CVE-2011-2786]. Olli Pettay of Mozilla reported this vulnerability.

The browser may crash due to a GPU lock re-entrancy issue [CVE-2011-2787]. kuzzcc reported this vulnerability.

A buffer overflow may occur in inspector serialization [CVE-2011-2788]. Mikolaj Malecki reported this vulnerability.

A remote user can trigger a use-after-free via the Pepper plug-in [CVE-2011-2789]. Mario Gomes and kuzzcc reported this vulnerability.

A remote user can trigger a use-after-free with floating styles [CVE-2011-2790]. miaubiz reported this vulnerability.

A remote user can trigger an out-of-bounds write in ICU [CVE-2011-2791]. Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences, reported this vulnerability.

A remote user can trigger a use-after-free via float removal [CVE-2011-2792]. miaubiz reported this vulnerability.

A remote user can trigger a use-after-free in media selectors [CVE-2011-2793]. miaubiz reported this vulnerability.

A remote user can trigger an out-of-bounds read in text iteration [CVE-2011-2794]. miaubiz reported this vulnerability.

A remote user can trigger a cross-frame function leak [CVE-2011-2795]. Shih Wei-Long reported this vulnerability.

A remote user can trigger a use-after-free in Skia [CVE-2011-2796]. Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community reported this vulnerability.

A remote user can trigger a use-after-free in resource caching [CVE-2011-2797]. miaubiz reported this vulnerability.

A remote user can access some internal schemes [CVE-2011-2798]. sirdarckcat of the Google Security Team reported this vulnerability.

A remote user can trigger a use-after-free in HTML range handling [CVE-2011-2799]. miaubiz reported this vulnerability.

A remote user can obtain the client-side redirect target [CVE-2011-2800]. Juho Nurminen reported this vulnerability.

A remote user can trigger a use-after-free in frame loader [CVE-2011-2801]. miaubiz reported this vulnerability.

A remote user can trigger a crash in the v8 engine with const lookups [CVE-2011-2802]. Christian Holler reported this vulnerability.

A remote user can trigger an out-of-bounds read in Skia paths [CVE-2011-2803]. Google Chrome Security Team (Inferno) reported this vulnerability.

A remote user can create a PDF file with nested functions that will trigger a crash [CVE-2011-2804]. Aki Helin of OUSPG reported this vulnerability.

A remote user can bypass cross-origin restrictions to inject scripting code [CVE-2011-2805]. Sergey Glazunov reported this vulnerability.

A remote user can trigger a use-after-free in display box rendering [CVE-2011-2818]. Martin Barbella reported this vulnerability.

A remote user can bypass cross-origin restrictions in base URI handling [CVE-2011-2819]. Sergey Glazunov reported this vulnerability.

Impact:   A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system, obtain information, or cause a crash.
Solution:   The vendor has issued a fix (13.0.782.107).

The vendor's advisory is available at:

http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html

Vendor URL:  googlechromereleases.blogspot.com/2011/08/stable-channel-update.html (Links to External Site)
Cause:   Access control error, Boundary error, State error
Underlying OS:  Linux (Any), UNIX (macOS/OS X), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Oct 12 2011 (Apple Issues Fix for iTunes) Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code
Apple has issued a fix for iTunes.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC