Operating System:

[WIN][UNIX/Linux]

Published:

10 April 2012

Protect yourself against future threats.

//Service

Member Security Incident Notifications

Be proactive with your security and receive our daily Member Security Incident Notifications (MSINs) custom to your network.

Read more
Resources > Security Bulletins > ASB-2012.0051 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2012.0051
     A number of vulnerabilities have been identified in Google Chrome
                               10 April 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Google Chrome
Operating System:     UNIX variants (UNIX, Linux, OSX)
                      Windows
Impact/Access:        Denial of Service              -- Remote with User Interaction
                      Provide Misleading Information -- Remote with User Interaction
                      Access Confidential Data       -- Remote with User Interaction
                      Unauthorised Access            -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2011-3077 CVE-2011-3076 CVE-2011-3075
                      CVE-2011-3074 CVE-2011-3073 CVE-2011-3072
                      CVE-2011-3071 CVE-2011-3070 CVE-2011-3069
                      CVE-2011-3068 CVE-2011-3067 CVE-2011-3066
Member content until: Thursday, May 10 2012

OVERVIEW

        A number of vulnerabilities have been identified in Google Chrome prior
        to version 18.0.1025.151.


IMPACT

        The vendor has provided the following details regarding these
        vulnerabilities:
        
        	"[$500] [106577] Medium CVE-2011-3066: Out-of-bounds read in
        	Skia clipping. Credit to miaubiz.
        	[117583] Medium CVE-2011-3067: Cross-origin iframe replacement.
        	Credit to Sergey Glazunov.
        	[$1000] [117698] High CVE-2011-3068: Use-after-free in run-in
        	handling. Credit to miaubiz.
        	[$1000] [117728] High CVE-2011-3069: Use-after-free in line box
        	handling. Credit to miaubiz.
        	[118185] High CVE-2011-3070: Use-after-free in v8 bindings.
        	Credit to Google Chrome Security Team (SkyLined).
        	[118273] High CVE-2011-3071: Use-after-free in
        	HTMLMediaElement. Credit to pa_kt, reporting through HP
        	TippingPoint ZDI (ZDI-CAN-1528).
        	[118467] Low CVE-2011-3072: Cross-origin violation parenting
        	pop-up window. Credit to Sergey Glazunov.
        	[$1000] [118593] High CVE-2011-3073: Use-after-free in SVG
        	resource handling. Credit to Arthur Gerkis.
        	[$500] [119281] Medium CVE-2011-3074: Use-after-free in media
        	handling. Credit to Slawomir Blazek.
        	[$1000] [119525] High CVE-2011-3075: Use-after-free applying
        	style command. Credit to miaubiz.
        	[$1000] [120037] High CVE-2011-3076: Use-after-free in focus
        	handling. Credit to miaubiz.
        	[120189] Medium CVE-2011-3077: Read-after-free in script
        	bindings. Credit to Google Chrome Security Team (Inferno)." [1]


MITIGATION

        The vendor recommends upgrading to the latest version of Google Chrome
        to correct these vulnerabilities. [1]


REFERENCES

        [1] Stable and Beta Channel Updates
            http://googlechromereleases.blogspot.fr/2012/04/stable-and-beta-channel-updates.html

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBT4OLX+4yVqjM2NGpAQJEQA/+OQBOXfE5rFmrCjczeWcNQ5JBxnG2L5nx
iweK/DEDKNeXo+MhuV6+qEax+nxQ39GipghaqJrV8dq/vpx/eLQ6yd76RTNlOgDW
6fj9SznUW6VhlpCMP6GSX6NRLC34nQKV27ITvWguM15Q3G+ZsWimRijIB62cb8RA
UrKKjgCcCk6J3EQm3qWu5lxWtL2j0ce7hZYmoSxnhrLjtxBVDJjLky3q7KiOQ9LA
Igtzq8q5nkeualMgjBQZzt6ctztIYch0yiEMJ7fgH1styWR7w06o3suNDNLt3wtU
kn5SvJos6VTHssQsrkFsca3/Q7M4E5j6WwLxbCqqcxKLVlKCglBT5WGI7Reh46Ft
PfoT+ufp48gvmljeUSw+No113VSJfnExRUP6KEKKg+G1f6gcjSmrCIHhpCyvSqW+
rLZwunpEZ1tVPAfKkBmPYYx/2UCt7cP3uaL4aOsWj/0tyk+NjeTv4QNHeur7NMSP
lKODc6Phzv1QoGG+t4fb+x10yslGYlaxhfS/6J40afyecAmNcsIwLgaZj9jQxO3J
9c+h2zJbKl+6EHzXpjUlBD+1xJNcflv4MvgyGFdQUG7xaSfA/zSCaWSlHRtUCkcS
QnkfAXJXuZi3IcQAYjdqjvKQjfx7zuNrfStU8StcgcYGVEw8G/AvLg/cCjyLZHd1
xiX70IjPddQ=
=RKPT
-----END PGP SIGNATURE-----