Google Chrome Multiple Vulnerabilities - Sep12 (Linux) Network Vulnerability

Summary

This host is installed with Google Chrome and is prone to multiple vulnerabilities.

Impact

Successful exploitation could allow the attackers to execute arbitrary code or cause a denial of service. Impact Level: System/Application

Solution

Upgrade to the Google Chrome 21.0.1180.89 or later, For updates refer to http://www.google.com/chrome

Insight

Multiple flaws are due to - Out-of-bounds read in line breaking - Bad cast with run-ins. - Browser crash with SPDY. - Race condition with workers and XHR. - Avoid stale buffer in URL loading. - Lower severity memory management issues in XPath - Bad cast in XSL transforms. - XSS in SSL interstitial.

Affected

Google Chrome version prior to 21.0.1180.89 on Linux

References

http://googlechromereleases.blogspot.in/2012/08/stable-channel-update_30.html
http://secunia.com/advisories/50447
http://www.securityfocus.com/bid/55331

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2865, CVE-2012-2866, CVE-2012-2867, CVE-2012-2868, CVE-2012-2869, CVE-2012-2870, CVE-2012-2871, CVE-2012-2872

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Mac OS X)
Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Mac OX S)
Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Jan15 (Windows)

Take action and discover your vulnerabilities