25 February 2013
Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2013.0026 A number of vulnerabilities have been identified in Google Chrome 25 February 2013 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: Windows Linux variants OS X Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Unauthorised Access -- Remote with User Interaction Reduced Security -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2013-0900 CVE-2013-0899 CVE-2013-0898 CVE-2013-0897 CVE-2013-0896 CVE-2013-0895 CVE-2013-0894 CVE-2013-0893 CVE-2013-0892 CVE-2013-0891 CVE-2013-0890 CVE-2013-0889 CVE-2013-0888 CVE-2013-0887 CVE-2013-0886 CVE-2013-0885 CVE-2013-0884 CVE-2013-0883 CVE-2013-0882 CVE-2013-0881 CVE-2013-0880 CVE-2013-0879 Member content until: Wednesday, March 27 2013 OVERVIEW A number of vulnerabilities have been identified in Google Chrome prior to versions 25.0.1364.97 for Windows and Linux, and 25.0.1364.99 for Mac.  IMPACT The vendor has provided the following details regarding these vulnerabilities: "[$1000]  High CVE-2013-0879: Memory corruption with web audio node. Credit to Atte Kettunen of OUSPG. [$1000]  High CVE-2013-0880: Use-after-free in database handling. Credit to Chamal de Silva. [$500]  Medium CVE-2013-0881: Bad read in Matroska handling. Credit to Atte Kettunen of OUSPG. [$500]  High CVE-2013-0882: Bad memory access with excessive SVG parameters. Credit to Renata Hodovan. [$500]  Medium CVE-2013-0883: Bad read in Skia. Credit to Atte Kettunen of OUSPG.  Low CVE-2013-0884: Inappropriate load of NaCl. Credit to Google Chrome Security Team (Chris Evans).  Medium CVE-2013-0885: Too many API permissions granted to web store. [Mac only]  Medium CVE-2013-0886: Incorrect NaCl signal handling. Credit to Mark Seaborn of the Chromium development community.   Low CVE-2013-0887: Developer tools process has too many permissions and places too much trust in the connected server.  Medium CVE-2013-0888: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).  Low CVE-2013-0889: Tighten user gesture check for dangerous file downloads.   High CVE-2013-0890: Memory safety issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).  High CVE-2013-0891: Integer overflow in blob handling. Credit to Google Chrome Security Team (Jri Aedla).        Medium CVE-2013-0892: Lower severity issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).  Medium CVE-2013-0893: Race condition in media handling. Credit to Andrew Scherkus of the Chromium development community.  High CVE-2013-0894: Buffer overflow in vorbis decoding. Credit to Google Chrome Security Team (Inferno). [Linux / Mac]  High CVE-2013-0895: Incorrect path handling in file copying. Credit to Google Chrome Security Team (Jri Aedla).  High CVE-2013-0896: Memory management issues in plug-in message handling. Credit to Google Chrome Security Team (Cris Neckar).  Low CVE-2013-0897: Off-by-one read in PDF. Credit to Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from Google Security Team.  High CVE-2013-0898: Use-after-free in URL handling. Credit to Alexander Potapenko of the Chromium development community.  Low CVE-2013-0899: Integer overflow in Opus handling. Credit to Google Chrome Security Team (Jri Aedla).  Medium CVE-2013-0900: Race condition in ICU. Credit to Google Chrome Security Team (Inferno)."  MITIGATION The vendor recommends updating to the latest version of Google Chrome to correct these issues.  REFERENCES  Stable Channel Update http://googlechromereleases.blogspot.com.au/2013/02/stable-channel-update_21.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: firstname.lastname@example.org Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBUSrcm+4yVqjM2NGpAQJKBBAAnriHaS7RT47MN4Zp/BC0oyzlPyDvcXPK wb+ZhetS8OJNHMOzffx7jr634LqB+YS3kknGCCjP+aHzhf2DDhukejBmHAYEkkmn WuW4rou+JW0Y1VSZUU+H8jm6sScUH5d7S9/9oHX35J/bSpwqP3EQQuDPtkfB5/Y4 eoWPfs5vksQRbu3psTlYkM9i6dBZxzIch3VcBCu1bsM6e35NurxPVmKD6F+KG5zz CdfoUIUXZmGaC4xrhX7YlOYut5s8vdo6ni0zZcQRKui48VtKl/QVGz3KowAnFKLq xq++Z2n22Q6fdFLjcWs8IkvKUwuildxvoONrzMqtWRLVuVlOghAyNJb6oTnpYqR+ yupf03Im7rHfVGXtsqiLI5BbDj9Tqpj9109EfWLNNSJuYaC6jAk0Vc6EZaMuqJxo H9oUGFNyyOmgKY+2dFzNTwVKOOlahT0A3WbgVn/QIxfSUIGG+zwk0QpvF8R8wkdC yIwFmBkhuExP8GVBu10QM+wRDxNnUs4ZS0LocYrjteT5Pg+13yd1WAaIH7hRHmMY jFx3u7LCLGMAPa2p7B4WxK0WQKoGZHAPEnNL0GL8oYfEbCs3UEVcwKV5dxUhQk4E mOrNNINg0GUUqC6fbRUc9/7BYNn09h+H6mZrmWkNo0OxYm5nncn0uXZtv7o69Z+L 4MwrFyokWWc= =Uykg -----END PGP SIGNATURE-----