Google Chrome PDF Viewer Multiple Vulnerabilities (Mac OS X) Network Vulnerability

Summary

This host is installed with Google Chrome and is prone to use after free and denial of service vulnerabilities.

Impact

Successful exploitation could allow attackers to execute arbitrary code in the context of the browser or cause a denial of service. Impact Level: System/Application

Solution

Upgrade to the Google Chrome 21.0.1180.75 or later, For updates refer to http://www.google.com/chrome

Insight

A use-after-free and out-of-bounds write errors exists within the PDF viewer.

Affected

Google Chrome version prior to 21.0.1180.75 on Mac OS X

References

http://googlechromereleases.blogspot.in/2012/08/stable-channel-update.html
http://secunia.com/advisories/50222/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2862, CVE-2012-2863

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Air Remote Code Execution Vulnerability -June13 (Windows)
Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Mac OS X)
Adobe AIR Multiple Vulnerabilities -02 April 13 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Mac OS X)
Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Windows

Take action and discover your vulnerabilities