HomePentest-Tools.com Logo

Google Chrome multiple vulnerabilities - November 10(Linux) CVE-2010-4197CVE-2010-4198CVE-2010-4199CVE-2010-4201CVE-2010-4202CVE-2010-4203CVE-2010-4204CVE-2010-4205CVE-2010-4206CVE-2010-4008

Severity
CVSSv3 Score
8.8
Vulnerability description

Google Chrome is prone to multiple vulnerabilities.

Risk description

The flaws are due to - A use-after-free error related to text editing - A memory corruption error when handling an overly large text area - A bad cast with the SVG use element - An invalid memory read in XPath handling - A use-after-free error related to text control selections - A integer overflows in font handling on Linux - A memory corruption error in libvpx - A bad use of destroyed frame objects - A type confusions with event objects - An out-of-bounds array access when handling SVGs. Successful exploitation could allow the attackers to execute arbitrary code in the context of the browser, cause denial-of-service condition, carry out spoofing attacks, gain access to sensitive information, and bypass intended security restrictions.

Recommendation

Upgrade to the Google Chrome 7.0.517.44 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Nov 17, 2010
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available