Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT Security Bulletin
ASB-2011.0048
New Google Chrome released fixing fourteen vulnerabilities
10 June 2011
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Google Chrome
Operating System: Windows
UNIX variants (UNIX, Linux, OSX)
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Denial of Service -- Remote with User Interaction
Access Confidential Data -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2011-2342 CVE-2011-2332 CVE-2011-1819
CVE-2011-1818 CVE-2011-1817 CVE-2011-1816
CVE-2011-1815 CVE-2011-1814 CVE-2011-1813
CVE-2011-1812 CVE-2011-1811 CVE-2011-1810
CVE-2011-1809 CVE-2011-1808
Member content until: Sunday, July 10 2011
OVERVIEW
Google has released an update to Chrome to correct multiple
vulnerabilities. Google Chrome is now version 12.0.742.91.
IMPACT
High CVE-2011-1808: Use-after-free due to integer issues in float
handling. Credit to miaubiz. [1]
Medium CVE-2011-1809: Use-after-free in accessibility support.
Credit to Google Chrome Security Team (SkyLined). [1]
Low CVE-2011-1810: Visit history information leak in CSS. Credit to
Jesse Mohrland of Microsoft and Microsoft Vulnerability Research
(MSVR). [1]
Low CVE-2011-1811: Browser crash with lots of form submissions.
Credit to DimitrisV22. [1]
Medium CVE-2011-1812: Extensions permission bypass.Credit to kuzzcc. [1]
High CVE-2011-1813: Stale pointer in extension framework. Credit to
Google Chrome Security Team (Inferno). [1]
Medium CVE-2011-1814: Read from uninitialized pointer. Credit to
Eric Roman of the Chromium development community. [1]
Low CVE-2011-1815: Extension script injection into new tab page.
Credit to kuzzcc. [1]
Medium CVE-2011-1816: Use-after-free in developer tools. Credit to
kuzzcc. [1]
Medium CVE-2011-1817: Browser memory corruption in history deletion.
Credit to Collin Payne. [1]
High CVE-2011-1818: Use-after-free in image loader. Credit to
miaubiz. [1]
Medium CVE-2011-1819: Extension injection into chrome:// pages.
Credit to Vladislavas Jarmalis, plus subsequent independent
discovery by Sergey Glazunov. [1]
High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey
Glazunov. [1]
High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey
Glazunov. [1]
MITIGATION
Ensure that Chrome has updated to 12.0.742.91 or higher.
REFERENCES
[1] Chrome Stable Release
http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://www.auscert.org.au/1967
iD8DBQFN8Y0+/iFOrG6YcBERAnBHAJ4yUyRFJHusYBarD997vtxB6pj6ZwCfYfJh
M5vKAFo23pSuFVGlF0Ajf5c=
=FSo9
-----END PGP SIGNATURE-----