Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2012.0096 A number of vulnerabilities have been identified in Google Chrome 28 June 2012 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: Windows UNIX variants (UNIX, Linux, OSX) Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Reduced Security -- Unknown/Unspecified Resolution: Patch/Upgrade CVE Names: CVE-2012-2834 CVE-2012-2833 CVE-2012-2832 CVE-2012-2831 CVE-2012-2830 CVE-2012-2829 CVE-2012-2828 CVE-2012-2827 CVE-2012-2826 CVE-2012-2825 CVE-2012-2824 CVE-2012-2823 CVE-2012-2822 CVE-2012-2821 CVE-2012-2820 CVE-2012-2819 CVE-2012-2818 CVE-2012-2817 CVE-2012-2816 CVE-2012-2815 CVE-2012-2807 CVE-2012-2764 Member content until: Saturday, July 28 2012 OVERVIEW A number of vulnerabilities have been identified in Google Chrome prior to 20.0.1132.43.[1] IMPACT The following information is available on Google's website: "[118633] Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie Bursztein of Google. [Windows only] [119150] [119250] High CVE-2012-2816: Prevent sandboxed processes interfering with each other. Credit to Google Chrome Security Team (Justin Schuh). [$1000] [120222] High CVE-2012-2817: Use-after-free in table section handling. Credit to miaubiz. [$1000] [120944] High CVE-2012-2818: Use-after-free in counter layout. Credit to miaubiz. [120977] High CVE-2012-2819: Crash in texture handling. Credit to Ken gets Russell of the Chromium development community. [121926] Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling. Credit to Atte Kettunen of OUSPG. [122925] Medium CVE-2012-2821: Autofill display problem. Credit to simonbrown60. [various] Medium CVE-2012-2822: Misc. lower severity OOB read issues in PDF. Credit to awesome ASAN and various Googlers (Kostya Serebryany, Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind). [$1000] [124356] High CVE-2012-2823: Use-after-free in SVG resource handling. Credit to miaubiz. [$1000] [125374] High CVE-2012-2824: Use-after-free in SVG painting. Credit to miaubiz. [128688] Medium CVE-2012-2826: Out-of-bounds read in texture conversion. Credit to Google Chrome Security Team (Inferno). [Mac only] [129826] Low CVE-2012-2827: Use-after-free in Mac UI. Credit to the Chromium development community (Dharani Govindan). [129857] High CVE-2012-2828: Integer overflows in PDF. Credit to Mateusz Jurczyk of Google Security Team and Google Chrome Security Team (Chris Evans). [$1000] [129947] High CVE-2012-2829: Use-after-free in first-letter handling. Credit to miaubiz. [$1000] [129951] High CVE-2012-2830: Wild pointer in array value setting. Credit to miaubiz. [Windows only] [130276] Low CVE-2012-2764: Unqualified load of metro DLL. Credit to Moshe Zioni of Comsec Consulting. [$1000] [130356] High CVE-2012-2831: Use-after-free in SVG reference handling. Credit to miaubiz. [131553] High CVE-2012-2832: Uninitialized pointer in PDF image codec. Credit to Mateusz Jurczyk of Google Security Team. [132156] High CVE-2012-2833: Buffer overflow in PDF JS API. Credit to Mateusz Jurczyk of Google Security Team. [$1000] [132779] High CVE-2012-2834: Integer overflow in Matroska container. Credit to Jri Aedla. [$500] [127417] Medium CVE-2012-2825: Wild read in XSL handling. Credit to Nicholas Gregoire. [64-bit Linux only] [$3000] [129930] High CVE-2012-2807: Integer overflows in libxml. Credit to Jri Aedla."[1] MITIGATION Users should update to the latest version of Chrome.[1] REFERENCES [1] Stable Channel Update http://googlechromereleases.blogspot.com.au/search/label/Stable%20updates AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBT+uyGe4yVqjM2NGpAQJL1Q//cJtfnQNnHLpnkUiNl8kXa5VSO4kuuy9p jGZwF5Z9NzEQvyDKhPQV8uGL8Khv3E+ZwlRcrZFfz68Ixf2jiptx5+y8VAS0uv2C QRZwm5gU5rd2dnTEhlodmEDO/gBBLmAibx9iRw4jn5N2UpoBuhuyD9/p+XhWPKUx bDauYZwSQ0yBylnPtj5BzidTONcuzjZUGxHbtSERPhJIsU0X34JK/g0lki8H/Tk3 6t+iofT9f5OO4xli/iy17AR4tIKuY7Olwo0P1xl3CD6TXUZN/SgAjaNDz+6qatWt 5+mUWpazhPlmgbGIvnwAzD115DC/TLLw7v2730zWUx4hll9YlP/swKCMOzfneHET YTinyHnLKlTgKRqhQ/ShBxJiYEM3GiiwmrsfXOxoob27Q1guSDl+69Y43YiNrlY9 ehMhS4pu259lUz10kvQFhj2CTAM0iVObZIHKoPefuoeVlLp1KcUaufo1ukPV+fDL LqMcax4K5puecp2VfJbjEic+qGTZSdOIO/f/cgxusGXTOwrJUxoCBAcOLjh3twIr mqHBbCng5UnDIUSTbZNsJ6y/lsj+Ib1jDz2zLoI0XvwV89m7G7T8HTrFcDplHy+I c/tBGNWes+5lmqLl/GHWX+icrlv506+gQH87tgEdZE3+nfQyQyW1056oiyGoB4fe ZAe/oP9Zo9c= =SSwA -----END PGP SIGNATURE-----