Google Chrome multiple vulnerabilities - May11 (Linux)

  1. Network Vulnerabilities
  2. General
  3. Google Chrome multiple vulnerabilities - May11 (Linux)
Summary
The host is running Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to bypass certain security restrictions, disclose potentially sensitive information, conduct spoofing attacks, and potentially compromise a user's system. Impact Level: Application
Solution
Upgrade to the Google Chrome 11.0.696.57 or later, For updates refer to http://www.google.com/chrome
Insight
- An unspecified error related to a stale pointer exists within the handling of floating objects. - A linked-list race condition exists within the database handling. - The MIME handling does not properly ensure thread safety. - An extension with 'tabs' permission can gain access to local files. - An integer overflow error exists within the float rendering. - An error related to blobs can be exploited to violate the same origin policy. - An unspecified error can be exploited to cause an interference between renderer processes. - A use-after-free error exists within the handling of '<ruby>' tags and CSS. - A casting error exists within then handling of floating select lists. - An error related to mutation events can be exploited to corrupt node trees. - An unspecified error related to stale pointers exists in the layering code. - A race condition error exists within the sandbox launcher. - Interrupted loads and navigation errors can be leveraged to spoof the URL bar. - An unspecified error related to a stale pointer exists within the handling of drop-down lists. - An unspecified error related to a stale pointer exists within the height calculations. - A use-after-free error exists within the handling of WebSockets. - An error related to dangling pointers exists within the handling of file dialogs. - An error related to dangling pointers exists within the handling of DOM id maps. - Redirects and manual reloads can be exploited to spoof the URL bar. - A use-after-free error exists within the handling of DOM ids. - An error related to stale pointers exists within the handling of PDF forms.
Affected
Google Chrome version prior to 11.0.696.57 on Linux
References
Updated on 2015-03-25
Severity
High Severity
Classification
Related Vulnerabilities