T-683: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code

August 3, 2011 - 3:45pm

PROBLEM:

Multiple vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system.

PLATFORM:

Google Chrome prior to 13.0.782.107

ABSTRACT:

Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code.

REFERENCE LINKS:
 

Google Chrome advisory Update
Chromium Security
SecurityTracker Alert ID: 1025882
CVE-2011-2819

IMPACT ASSESSMENT:

Medium

Discussion:
 

A remote user can create specially crafted HTML that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

An extension install may not always be confirmed via a browser dialog [CVE-2011-2358].
A stale pointer error can be triggered due to bad line box tracking in rendering [CVE-2011-2359].
A remote user can potentially bypass the dangerous file prompt [CVE-2011-2360].
Improve designation of strings in the basic auth dialog [CVE-2011-2361].
File permissions errors may occur during a drag and drop operation on Linux-based systems [CVE-2011-2782].
A developer mode NPAPI extension install may not always be confirmed via a browser dialog [CVE-2011-2783].
A file path may be disclosed in the GL program log [CVE-2011-2784].
The homepage URL is not sanitized in extensions [CVE-2011-2785].
The speech input bubble may not always be on-screen [CVE-2011-2786].
The browser may crash due to a GPU lock re-entrancy issue [CVE-2011-2787].
A buffer overflow may occur in inspector serialization [CVE-2011-2788].
A remote user can trigger a use-after-free via the Pepper plug-in [CVE-2011-2789].
A remote user can trigger a use-after-free with floating styles [CVE-2011-2790].
A remote user can trigger an out-of-bounds write in ICU [CVE-2011-2791].
A remote user can trigger a use-after-free via float removal [CVE-2011-2792].
A remote user can trigger a use-after-free in media selectors [CVE-2011-2793].
A remote user can trigger an out-of-bounds read in text iteration [CVE-2011-2794].
A remote user can trigger a cross-frame function leak [CVE-2011-2795].
A remote user can trigger a use-after-free in Skia [CVE-2011-2796].
A remote user can trigger a use-after-free in resource caching [CVE-2011-2797].
A remote user can access some internal schemes [CVE-2011-2798].
A remote user can trigger a use-after-free in HTML range handling [CVE-2011-2799].
A remote user can obtain the client-side redirect target [CVE-2011-2800].
A remote user can trigger a use-after-free in frame loader [CVE-2011-2801].
A remote user can trigger a crash in the V8 engine with const lookups [CVE-2011-2802].
A remote user can trigger an out-of-bounds read in Skia paths [CVE-2011-2803].
A remote user can create a PDF file with nested functions that will trigger a crash [CVE-2011-2804].
A remote user can bypass cross-origin restrictions to inject scripting code [CVE-2011-2805].
A remote user can trigger a use-after-free in display box rendering [CVE-2011-2818].
A remote user can bypass cross-origin restrictions in base URI handling [CVE-2011-2819].

Impact:
 

A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system, obtain information, or cause a crash.

Solution:
 

The vendor has issued a fix (13.0.782.107).
Google Chrome Update
Google Chrome downloads

 

 
