Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Google Chrome Multiple Vulnerabilities

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

See the original Secunia advisory:
Google Chrome Multiple Vulnerabilities

Secunia Google Chrome Multiple Vulnerabilities
Secunia Official 11th Jan, 2011 04:46
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.

1) A validation error when performing message deserialisation can be exploited to cause a crash or potentially corrupt memory.

This vulnerability affects 64-bit builds for Linux only.

2) An unspecified error when parsing Cascading Style Sheets (CSS) can be exploited to trigger an out-of-bounds read.

3) An unspecified error within cursor handling can be exploited to reference stale pointers.

flyzipper RE: Google Chrome Multiple Vulnerabilities
Member 11th Jan, 2011 04:46
Score: 0
Posts: 1
User Since: 11th Jan 2011
System Score: N/A
Location: CA
Last edited on 11th Jan, 2011 04:46
The signature/scan for this may need a little tweaking.
The description states, "This vulnerability affects 64-bit builds for Linux only", yet I'm running 64-bit Windows 7 and still receive a warning.
Was this reply relevant?
+0
-0
Anthony Wells RE: Google Chrome Multiple Vulnerabilities
Expert Contributor 12th Jan, 2011 21:14
Score: 2418
Posts: 3,311
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

@flyzipper ,

I would read the Linux note as referring to point 1) only and release 8.0.552.224 fixes all 3) noted insecurities , hence your warning .

The subsequent update to version 8.0.552.231 is for Mac only and is a bug fix :-

http://googlechromereleases.blogspot.com/search/la...

Hope that is clearer .

Anthony







--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability