Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Chrome Updated V24

Published: 2013-01-11
Last Updated: 2013-01-11 16:42:18 UTC
by Stephen Hall (Version: 1)
0 comment(s)

The Chrome team over at Google have been busy, and V24 of their Chrome browser has been released.

V24 brings both new functionality with the introduction of Math ML and an update to the flash version but also more importantly a significant number of bug fixes.

Reference Rating CVE Description
162494 High CVE-2012-5145 Use-after-free in SVG layout.
165622 High CVE-2012-5146 Same origin policy bypass with malformed URL
165864 High CVE-2012-5147 Use-after-free in DOM handling
167122 Medium CVE-2012-5148 Missing filename sanitization in hyphenation support
166795 High CVE-2012-5149 Integer overflow in audio IPC handling
165601 High CVE-2012-5150 Use-after-free when seeking video
165538 High CVE-2012-5151 Integer overflow in PDF JavaScript
165430 Medium CVE-2012-5152 Out-of-bounds read when seeking video
164565 High CVE-2012-5153 Out-of-bounds stack access in v8
164490 Low CVE-2012-5154 Integer overflow in shared memory allocation
163208 Medium CVE-2012-5155 Missing Mac sandbox for worker processes
162778 High CVE-2012-5156 Use-after-free in PDF fields

162776 / 162156

Medium CVE-2012-5157 Out-of-bounds reads in PDF image handling
162153 High CVE-2013-0828 Bad cast in PDF root handling
162114 high CVE-2013-0829 Corruption of database metadata leading to incorrect file access
162066 Low CVE-2013-0830 Missing NUL termination in IPC
161836 Low CVE-2013-0831 Possible path traversal from extension process
160380 Medium CVE-2013-0832 Use-after-free with printing
154485 Medium CVE-2013-0833 Out-of-bounds read with printing
154283 Medium CVE-2013-0834 Out-of-bounds read with glyph handling
152921 Low CVE-2013-0835 Browser crash with geolocation
150545 High CVE-2013-0836 Crash in v8 garbage collection
145363 Medium CVE-2013-0837 Crash in extension tab handling
143859 Low CVE-2013-0838 Tighten permissions on shared memory segments

For more details, and the credits to the vulnerabilities please see:

http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html

http://code.google.com/p/chromium/issues/detail?id=152430

Steve

 

Keywords:
0 comment(s)
Diary Archives