Some vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks or potentially to compromise a user's system.
1) An unspecified error related to "application/json" responses can be exploited to conduct cross-site scripting attacks.
2) An unspecified error related to video handling can be exploited to corrupt memory.
3) An unspecified error exists related to subresources being displayed in omnibox loading. No further information is currently available.
4) Another unspecified error related to video handling can be exploited to corrupt memory.
5) An unspecified error exists related to a stale pointer in the processing of x509-user-cert responses. No further information is currently available.
Solution: Update to version 5.0.375.86.
Provided and/or discovered by: The vendor credits:
1) Ben Davis for the original discovery and Emanuele Gentili for the regression discovery
2) Mark Dowd
3) Michal Zalewski, Google Security Team.
4) Google Chrome Security Team (Cris Neckar)
5) Rodrigo Marcos, SECFORCE
Original Advisory: http://googlechromereleases.blogspot.com/2010/06/stable-channel-update_24.html
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com
Score: 2347 Posts: 3,242 User Since: 19th Dec 2007 System Score: N/A Location: N/A Last edited on 25th Jun, 2010 13:16
As a new poster on the Community Forum , let me advise you that you are posting in a "sub-forum" reserved for technical commentary on a specific Secunia Advisory .
Your comments relate to your specific concerns about your program and it's display by PSI and are not relevant as such to SA 40351 .
If you still require help , I would suggest you repost your questions/comments by "creating" a new thread in either the "Program" or "PSI" sub-forum (see the column on the left hand side of this "Community" webpage).
It always seems impossible until its done.
Was this reply relevant?
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.