Hash: SHA1

                         AUSCERT Security Bulletin

        New Google Chrome released fixing fourteen vulnerabilities
                               10 June 2011


        AusCERT Security Bulletin Summary

Product:              Google Chrome
Operating System:     Windows
                      UNIX variants (UNIX, Linux, OSX)
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Denial of Service               -- Remote with User Interaction
                      Access Confidential Data        -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2011-2342 CVE-2011-2332 CVE-2011-1819
                      CVE-2011-1818 CVE-2011-1817 CVE-2011-1816
                      CVE-2011-1815 CVE-2011-1814 CVE-2011-1813
                      CVE-2011-1812 CVE-2011-1811 CVE-2011-1810
                      CVE-2011-1809 CVE-2011-1808 
Member content until: Sunday, July 10 2011


        Google has released an update to Chrome to correct multiple
        vulnerabilities. Google Chrome is now version 12.0.742.91.


        High CVE-2011-1808: Use-after-free due to integer issues in float 
        handling. Credit to miaubiz. [1]
        Medium CVE-2011-1809: Use-after-free in accessibility support. 
        Credit to Google Chrome Security Team (SkyLined). [1]
        Low CVE-2011-1810: Visit history information leak in CSS. Credit to
        Jesse Mohrland of Microsoft and Microsoft Vulnerability Research 
        (MSVR). [1]
        Low CVE-2011-1811: Browser crash with lots of form submissions. 
        Credit to DimitrisV22. [1]
        Medium CVE-2011-1812: Extensions permission bypass.Credit to kuzzcc. [1]
        High CVE-2011-1813: Stale pointer in extension framework. Credit to
        Google Chrome Security Team (Inferno). [1]
        Medium CVE-2011-1814: Read from uninitialized pointer. Credit to 
        Eric Roman of the Chromium development community. [1]
        Low CVE-2011-1815: Extension script injection into new tab page. 
        Credit to kuzzcc. [1]
        Medium CVE-2011-1816: Use-after-free in developer tools. Credit to 
        kuzzcc. [1]
        Medium CVE-2011-1817: Browser memory corruption in history deletion.
        Credit to Collin Payne. [1]
        High CVE-2011-1818: Use-after-free in image loader. Credit to 
        miaubiz. [1]
        Medium CVE-2011-1819: Extension injection into chrome:// pages. 
        Credit to Vladislavas Jarmalis, plus subsequent independent 
        discovery by Sergey Glazunov. [1]
        High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey 
        Glazunov. [1]
        High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey 
        Glazunov. [1]


        Ensure that Chrome has updated to 12.0.742.91 or higher.


        [1] Chrome Stable Release

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

Australian Computer Emergency Response Team
The University of Queensland
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
Comment: https://www.auscert.org.au/1967