Google Chrome Multiple Vulnerabilities-02 Feb2013 (Linux) Network Vulnerability

Summary

This host is installed with Google Chrome and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to bypass certain security restrictions, execute arbitrary code in the context of the browser or cause a denial of service or possibly have unspecified other impact. Impact Level: System/Application

Solution

Upgrade to the Google Chrome 24.0.1312.56 or later, For updates refer to http://www.google.com/chrome

Insight

Multiple flaws due to - Referring freed memory in canvas font handling. - Missing URL validation when opening new windows. - Unchecked array index in content blocking functionality. - Not properly handling %00 characters in path-names.

Affected

Google Chrome versions prior to 24.0.1312.56 on Linux

References

http://googlechromereleases.blogspot.in/2013/01/stable-channel-update_22.html
http://secunia.com/advisories/51935
http://securitytracker.com/id/1028030

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-0839, CVE-2013-0840, CVE-2013-0841, CVE-2013-0842

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Multiple Vulnerabilities - December12 (Mac OS X)
Adobe Acrobat and Reader Multiple Vulnerabilities -July10 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
Adobe Acrobat Multiple Vulnerabilities - Mac OS X
Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Windows)

Take action and discover your vulnerabilities