Secunia

Some vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, or potentially execute arbitrary code.

1) Some race conditions and pointer errors exist within the sandbox infrastructure.

2) An error exists related to persisted metadata such as Web Databases and STS.

3) The application processes HTTP headers before completing the SafeBrowsing check.

4) A memory error exists related to malformed SVG files.

5) Integer overflow errors exist within certain unspecified WebKit JavaScript objects.

6) The HTTP basic authentication dialog truncates URLs.

7) An unspecified error can be exploited to bypass the download warning dialog.

8) An unspecified error can be exploited to bypass the cross-origin policy.

9) A use-after-free error in WebKit when handling caption elements can be exploited to potentially execute arbitrary code inside the Chrome sandbox.

This is related to vulnerability #17 in:
SA40105

Solution
Update to version 4.1.249.1036.

Provided and/or discovered by
9) wushi of team509, reported via iDefense

The vendor credits:
1) Mark Dowd, Google Chrome Security Team contractor
2) Chris Evans of the Google Chrome Security Team and RSnake of ha.ckers.org
3) Mike Dougherty of dotSyntax, LLC.
4) wushi of team509
5) Sergey Glazunov
6) Inferno of the Google Chrome Security Team
7, 8) kuzzcc

Changelog
Further details available in Customer Area

Original Advisory
Google:
http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html

iDefense:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=870

Other references
Further details available in Customer Area

Deep Links
Links available in Customer Area