SB2011091901 - Multiple vulnerabilities in Techland Chrome
Published: September 19, 2011 Updated: August 11, 2020
Description
This security bulletin contains information about 30 security vulnerabilities.
1) Input validation error (CVE-ID: CVE-2011-2830)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google V8, as used in Google Chrome before 14.0.835.163, does not properly implement script object wrappers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
2) NULL pointer dereference (CVE-ID: CVE-2011-2849)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via unspecified vectors.
3) Out-of-bounds read (CVE-ID: CVE-2011-2850)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
4) Out-of-bounds read (CVE-ID: CVE-2011-2851)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
5) Off-by-one (CVE-ID: CVE-2011-2852)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Off-by-one error in Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
6) Use-after-free (CVE-ID: CVE-2011-2853)
The vulnerability allows a remote attacker to compromise a vulnerable system.
The vulnerability exists due to a use-after-free error when processing vectors related to plug-in handling. A remote attacker can cause a denial of service or possibly have unspecified other impact.
Successful exploitation of the vulnerability may allow an attacker to compromise a vulnerable system.
7) Use-after-free (CVE-ID: CVE-2011-2854)
The vulnerability allows a remote attacker to compromise a vulnerable system.
The vulnerability exists due to a use-after-free error when processing vectors related to "ruby / table style handling." A remote attacker can cause a denial of service or possibly have unspecified other impact.
Successful exploitation of the vulnerability may allow an attacker to compromise a vulnerable system.
8) Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-ID: CVE-2011-2855)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
9) Origin validation error (CVE-ID: CVE-2011-2856)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
10) Use-after-free (CVE-ID: CVE-2011-2857)
The vulnerability allows a remote attacker to compromise a vulnerable system.
The vulnerability exists due to a use-after-free error when processing vectors related to the focus controller. A remote attacker can cause a denial of service or possibly have unspecified other impact.
Successful exploitation of the vulnerability may allow an attacker to compromise a vulnerable system.
11) Out-of-bounds read (CVE-ID: CVE-2011-2858)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
12) Incorrect default permissions (CVE-ID: CVE-2011-2859)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 14.0.835.163 uses incorrect permissions for non-gallery pages, which has unspecified impact and attack vectors.
13) Use-after-free (CVE-ID: CVE-2011-2860)
The vulnerability allows a remote attacker to compromise a vulnerable system.
The vulnerability exists due to a use-after-free error when processing vectors related to table styles. A remote attacker can cause a denial of service or possibly have unspecified other impact.
Successful exploitation of the vulnerability may allow an attacker to compromise a vulnerable system.
14) Input validation error (CVE-ID: CVE-2011-2861)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 14.0.835.163 does not properly handle strings in PDF documents, which allows remote attackers to have an unspecified impact via a crafted document that triggers an incorrect read operation.
15) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2011-2862)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google V8, as used in Google Chrome before 14.0.835.163, does not properly restrict access to built-in objects, which has unspecified impact and remote attack vectors.
16) Out-of-bounds read (CVE-ID: CVE-2011-2864)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
17) Improper Certificate Validation (CVE-ID: CVE-2011-2874)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 14.0.835.163 does not perform an expected pin operation for a self-signed certificate during a session, which has unspecified impact and remote attack vectors.
18) Type Confusion (CVE-ID: CVE-2011-2875)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google V8, as used in Google Chrome before 14.0.835.163, does not properly perform object sealing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
19) Out-of-bounds read (CVE-ID: CVE-2011-3234)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
20) Double Free (CVE-ID: CVE-2011-2834)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
21) Race condition (CVE-ID: CVE-2011-2835)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Race condition in Google Chrome before 14.0.835.163 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the certificate cache.
22) Input validation error (CVE-ID: CVE-2011-2836)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 14.0.835.163 does not require Infobar interaction before use of the Windows Media Player plug-in, which makes it easier for remote attackers to have an unspecified impact via crafted Flash content.
23) Input validation error (CVE-ID: CVE-2011-2838)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 14.0.835.163 does not properly consider the MIME type during the loading of a plug-in, which has unspecified impact and remote attack vectors.
24) Input validation error (CVE-ID: CVE-2011-2840)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
Google Chrome before 14.0.835.163 allows user-assisted remote attackers to spoof the URL bar via vectors related to "unusual user interaction."
25) Input validation error (CVE-ID: CVE-2011-2841)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 14.0.835.163 does not properly perform garbage collection during the processing of PDF documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
26) Out-of-bounds read (CVE-ID: CVE-2011-2843)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
27) Out-of-bounds read (CVE-ID: CVE-2011-2844)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
Google Chrome before 14.0.835.163 does not properly process MP3 files, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
28) Use-after-free (CVE-ID: CVE-2011-2846)
The vulnerability allows a remote attacker to compromise a vulnerable system.
The vulnerability exists due to a use-after-free error when processing vectors related to unload event handling. A remote attacker can cause a denial of service or possibly have unspecified other impact.
Successful exploitation of the vulnerability may allow an attacker to compromise a vulnerable system.
29) Use-after-free (CVE-ID: CVE-2011-2847)
The vulnerability allows a remote attacker to compromise a vulnerable system.
The vulnerability exists due to a use-after-free error when processing a crafted document. A remote attacker can cause a denial of service or possibly have unspecified other impact.
Successful exploitation of the vulnerability may allow an attacker to compromise a vulnerable system.
30) Input validation error (CVE-ID: CVE-2011-2848)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
Google Chrome before 14.0.835.163 allows user-assisted remote attackers to spoof the URL bar via vectors related to the forward button.
Remediation
Install the update from the vendor's website.