HomePentest-Tools.com Logo

Google Chrome Multiple Vulnerabilities - Nov2012 (Mac OS X) CVE-2012-5117CVE-2012-5116CVE-2012-5128CVE-2012-5127CVE-2012-5126CVE-2012-5125CVE-2012-5124CVE-2012-5123CVE-2012-5122CVE-2012-5121CVE-2012-5119CVE-2012-5118CVE-2012-5115

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Google Chrome is prone to multiple vulnerabilities.

Risk description

- An integer overflow error exists in WebP handling. - An error in v8 can be exploited to cause an out-of-bounds array access. - Multiple use-after-free errors exist in SVG filter, video layout, extension tab and plug-in placeholder, handling. - An error exists related to integer boundary checks within GPU command buffers. - An error exists related to inappropriate loading of SVG sub resource in img context. - A race condition error exists in Pepper buffer handling. - A type casting error exists in certain input handling. - An error in Skia can be exploited to cause an out-of-bounds read. - An error in texture handling can be exploited to corrupt memory. - An error in v8 can be exploited to corrupt memory. - Defend against wild writes in buggy graphics drivers. - Integer bounds check issue in GPU command buffers. Successful exploitation will allow attackers to bypass certain security restrictions, execute arbitrary code in the context of the browser or cause a denial of service.

Recommendation

Upgrade to the Google Chrome 23.0.1271.64 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Nov 7, 2012
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available