Secunia

Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, or potentially compromise a user's system.

1) Two errors when resolving domain names and when interpreting configured proxy lists can be exploited to disclose potentially sensitive data.

2) Multiple integer overflow errors in the v8 engine can be exploited to potentially execute arbitrary code.

3) An unspecified error in the processing of "<ruby>" tags can be exploited to potentially execute arbitrary code.

4) An error when processing "<iframe>" tags can be exploited to disclose a redirection target.

5) An error in the password manager can be exploited to incorrectly fill the HTTP authentication dialog presented by another domain with authentication data for the current domain, and potentially disclose saved credentials.

6) An integer overflow error when deserializing a sandbox message can be exploited to potentially execute arbitrary code.

The vulnerabilities are reported in versions prior to 4.0.249.89.

Solution
Update to version 4.0.249.89.

Provided and/or discovered by
5) Timothy D. Morgan of Virtual Security Research

The vendor credits:
1) Eric Roman and Christopher Eatinger
2, 6) Mark Dowd
3) SkyLined of the Google Chrome Security Team

Changelog
Further details available in Customer Area

Original Advisory
Google:
http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html

Virtual Security Research:
http://www.vsecurity.com/resources/advisory/20100215-1/

Deep Links
Links available in Customer Area