SB2011050401 - Multiple vulnerabilities in Techland Chrome
Published: May 4, 2011 Updated: August 11, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 21 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2011-1456)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
2) Input validation error (CVE-ID: CVE-2011-1303)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
3) Input validation error (CVE-ID: CVE-2011-1304)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins.
4) Input validation error (CVE-ID: CVE-2011-1434)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 does not ensure thread safety during handling of MIME data, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
5) Incorrect default permissions (CVE-ID: CVE-2011-1435)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension.
6) Integer overflow (CVE-ID: CVE-2011-1437)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering.
7) Input validation error (CVE-ID: CVE-2011-1438)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vectors involving blobs.
8) Use-after-free (CVE-ID: CVE-2011-1440)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences. A remote attackers can cause a denial of service or possibly have unspecified other impact.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
9) Type conversion (CVE-ID: CVE-2011-1441)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 does not properly perform a cast of an unspecified variable during handling of floating select lists, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.
10) Input validation error (CVE-ID: CVE-2011-1442)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attackers to cause a denial of service (node tree corruption) or possibly have unspecified other impact via unknown vectors.
11) Input validation error (CVE-ID: CVE-2011-1443)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
12) Out-of-bounds read (CVE-ID: CVE-2011-1445)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
13) Input validation error (CVE-ID: CVE-2011-1446)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 allows remote attackers to spoof the URL bar via vectors involving (1) a navigation error or (2) an interrupted load.
14) Input validation error (CVE-ID: CVE-2011-1447)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 does not properly handle drop-down lists, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
15) Input validation error (CVE-ID: CVE-2011-1448)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 does not properly perform height calculations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
16) Use-after-free (CVE-ID: CVE-2011-1449)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing unknown vectors. A remote attackers can cause a denial of service or possibly have unspecified other impact.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
17) Input validation error (CVE-ID: CVE-2011-1450)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."
18) Input validation error (CVE-ID: CVE-2011-1451)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."
19) Input validation error (CVE-ID: CVE-2011-1452)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload.
20) Use-after-free (CVE-ID: CVE-2011-1454)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing a crafted HTML document. A remote attackers can cause a denial of service or possibly have unspecified other impact.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
21) Out-of-bounds read (CVE-ID: CVE-2011-1455)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
Remediation
Install update from vendor's website.
References
- http://code.google.com/p/chromium/issues/detail?id=79364
- http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67162
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14356
- http://code.google.com/p/chromium/issues/detail?id=61502
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13705
- http://code.google.com/p/chromium/issues/detail?id=70538
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14399
- http://code.google.com/p/chromium/issues/detail?id=71586
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67141
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14196
- http://code.google.com/p/chromium/issues/detail?id=72523
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67142
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14586
- http://code.google.com/p/chromium/issues/detail?id=73526
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67144
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14601
- http://code.google.com/p/chromium/issues/detail?id=74653
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67145
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14621
- http://code.google.com/p/chromium/issues/detail?id=75186
- http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
- http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html
- http://support.apple.com/kb/HT4981
- http://support.apple.com/kb/HT5000
- http://www.debian.org/security/2011/dsa-2245
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67147
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14083
- http://code.google.com/p/chromium/issues/detail?id=75347
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67148
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14646
- http://code.google.com/p/chromium/issues/detail?id=75801
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67149
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13808
- http://code.google.com/p/chromium/issues/detail?id=76001
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67150
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14627
- http://code.google.com/p/chromium/issues/detail?id=76646
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67152
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14557
- http://code.google.com/p/chromium/issues/detail?id=76666
- http://code.google.com/p/chromium/issues/detail?id=77507
- http://code.google.com/p/chromium/issues/detail?id=78031
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67153
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14560
- http://code.google.com/p/chromium/issues/detail?id=76966
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67154
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13958
- http://code.google.com/p/chromium/issues/detail?id=77130
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67155
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14293
- http://code.google.com/p/chromium/issues/detail?id=77346
- http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html
- http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
- http://support.apple.com/kb/HT4808
- http://support.apple.com/kb/HT4999
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67156
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14478
- http://code.google.com/p/chromium/issues/detail?id=77349
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67157
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14633
- http://code.google.com/p/chromium/issues/detail?id=77463
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67158
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14279
- http://code.google.com/p/chromium/issues/detail?id=77786
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67159
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14759
- http://code.google.com/p/chromium/issues/detail?id=79199
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67160
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14469
- http://code.google.com/p/chromium/issues/detail?id=79361
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67161
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14136