Google Chrome Multiple Vulnerabilities-02 Oct12 (Linux) Network Vulnerability

Summary

This host is installed with Google Chrome and is prone to multiple vulnerabilities.

Impact

Successful exploitation could allow the attackers to execute arbitrary code and cause a denial of service. Impact Level: System/Application

Solution

Upgrade to the Google Chrome 22.0.1229.94 or later, For updates refer to http://www.google.com/chrome

Insight

Multiple flaws are due to - Use-after-free erorr in the SVG implementation in WebKit, allows remote attackers to execute arbitrary code via unspecified vectors. - An erorr in Inter-process Communication (IPC) implementation, allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process.

Affected

Google Chrome version prior to 22.0.1229.94 on Linux

References

http://blog.chromium.org/2012/10/pwnium-2-results-and-wrap-up_10.html
http://googlechromereleases.blogspot.in/2012/10/stable-channel-update_6105.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-5112, CVE-2012-5376

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Windows)
Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Linux)
Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Windows)
Adobe AIR Multiple Vulnerabilities -01 Feb13 (Mac OS X)
Adobe AIR Multiple Vulnerabilities -01 Feb13 (Linux)

Take action and discover your vulnerabilities