Google Chrome Multiple Denial Of Service Vulnerabilities - January12 (Mac OS X) Network Vulnerability

Summary

The host is installed with Google Chrome and is prone to multiple denial of service vulnerabilities.

Impact

Successful exploitation could allow attackers to execute arbitrary code, cause a denial of service. Impact Level: Application

Solution

Upgrade to the Google Chrome 16.0.912.75 or later, For updates refer to http://www.google.com/chrome

Insight

Multiple flaws are due to, - A use-after-free error when the handling of animation frames. - A boundary error within the 'xmlStringLenDecodeEntities()' function of libxml2 - A stack based buffer overflow error in glyph handling.

Affected

Google Chrome version prior to 16.0.912.75 on Mac OS X

References

http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html
http://secunia.com/advisories/47449/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3919, CVE-2011-3921, CVE-2011-3922

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ActFax LPD/LPR Server Denial of Service Vulnerability
Epson EventManager 'x-protocol-version' Denial of Service Vulnerability
CA kmxfw.sys Code Execution and DoS Vulnerabilities
Adersoft VbsEdit '.vbs' File Denial Of Service Vulnerability
freeSSHd SFTP 'rename' and 'realpath' Remote DoS Vulnerability

Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Mac OS X)

Take action and discover your vulnerabilities