icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Google Chrome < 12.0.742.91 Multiple Vulnerabilities

High

Synopsis

The remote host contains a web browser that is affected by a code execution vulnerability.

Description

Versions of Google Chrome earlier than 12.0.742.91 are potentially affected by multiple vulnerabilities :

- A use-after-free issue exists due to integer issues in float handling. (Issue 73962, 79746)

- A use-after-free issue exists in accessibility support. (Issue 75496)

- A visit history information leak exists in CSS. (Issue 75643)

- It is possible to crash the browser with lots of form submissions. (Issue 76034)

- An extensions permission bypass exists. (Issue 77026)

- A stale pointer exists in the extension framework. (Issue 78516)

- It is possible to read from an uninitialized pointer. (Issue 79362)

- It is possible to perform script injection into the new tab page. (Issue 79862)

- A use-after-free issue exists in developer tools. (Issue 80358)

- A memory corruption issue exists in history deletion. (Issue 81916)

- A use-after-free issue exists in the image loader. (Issue 81949)

- It is possible to perform an extension injection into chrome:// pages. (Issue 83010

- A same origin bypass exists in V8. (Issue 83275)

- A same origin bypass exists in DOM. (Issue 83743)

Solution

Upgrade to Google Chrome 12.0.742.91 or later.