You are here

V-208: Google Chrome Multiple Vulnerabilities

August 1, 2013 - 2:32am

Addthis

PROBLEM:

Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

PLATFORM:

Google Chrome 28.x

ABSTRACT:

Some vulnerabilities have been reported in Google Chrome which allows attackers to access and compromise a user's system.

REFERENCE LINKS:

Secunia Advisory SA54325   
CVE-2013-2881  
CVE-2013-2882  
CVE-2013-2883  
CVE-2013-2884   
CVE-2013-2885   
CVE-2013-2886   
 

IMPACT ASSESSMENT:

High

DISCUSSION:

Several vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. The different types of vulnerabilities are as follows :

1) An error within frame handling can be exploited to bypass origin policies.
2) A type confusion error exists within V8.
3) A use-after-free error exists within MutationObserver.
4) A use-after-free error exists within DOM.
5) A use-after-free error exists within input handling.
6) Some unspecified errors exist.

IMPACT:

Security Bypass, System access

SOLUTION:

Vendor recommends updating to version 28.0.1500.95

Addthis