Google Chrome Multiple Vulnerabilities-02 Oct12 (Mac OS X) Network Vulnerability

Summary

This host is installed with Google Chrome and is prone to multiple vulnerabilities.

Impact

Successful exploitation could allow the attackers to execute arbitrary code and cause a denial of service. Impact Level: System/Application

Solution

Upgrade to the Google Chrome 22.0.1229.94 or later, For updates refer to http://www.google.com/chrome

Insight

Multiple flaws are due to - Use-after-free erorr in the SVG implementation in WebKit, allows remote attackers to execute arbitrary code via unspecified vectors. - An erorr in Inter-process Communication (IPC) implementation, allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process.

Affected

Google Chrome version prior to 22.0.1229.94 on Mac OS X

References

http://blog.chromium.org/2012/10/pwnium-2-results-and-wrap-up_10.html
http://googlechromereleases.blogspot.in/2012/10/stable-channel-update_6105.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-5112, CVE-2012-5376

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Aug14 (Mac OS X)
Adobe Air Multiple Vulnerabilities -01 May 13 (Mac OS X)
Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Mac OS X)

Take action and discover your vulnerabilities