Multiple vulnerabilities have been reported in Google Chrome where some have unknown impacts while others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
1) Two unspecified errors in Flash Player can be exploited to corrupt memory in the Chrome interface.
2) An out-of-bounds read error exists when handling Skia clipping.
3) An error exists within the cross-origin policy when handling iframe replacement.
4) A use-after-free error exists when handling run-ins.
5) A use-after-free error exists when handling line boxes.
6) A use-after-free error exits when handling v8 bindings.
7) An use-after-free error within an implementation of a HTMLMedia element in Webkit can be exploited to reference an already freed source element.
8) An error exists within the cross-origin policy when parenting pop-up windows.
9) A use-after-free error exists when handling SVG resources.
10) A use-after-free error exists when handling media content.
11) A use-after-free error exists when applying style commands.
12) A use-after-free error exists when handling focus events.
13) A read-after-free error exists within script bindings.
The vulnerabilities are reported in versions prior to 18.0.1025.151.
Solution: Update to version 18.0.1025.151.
Provided and/or discovered by: 7) pa_kt via ZDI
The vendor credits:
2, 4, 5, 11, 12) miaubiz
3, 8) Sergey Glazunov
6) SkyLined, Google Chrome Security Team
9) Arthur Gerkis
10) Slawomir Blazek
13) Inferno, Google Chrome Security Team
Original Advisory: Google:
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com
Subject: Google Chrome Multiple Vulnerabilities
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.