ASB-2011.0114.2 - UPDATE [Win][UNIX/Linux] Google Chrome: Multiple vulnerabilities

Date: 14 December 2011
References: ESB-2012.0053  ESB-2012.0088  ESB-2012.0256  ESB-2012.0257  ESB-2012.0266  ESB-2012.0415.4  ESB-2012.0705  ESB-2012.0874  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                              ASB-2011.0114.2
     A number of vulnerabilities have been identified in Google Chrome
                             14 December 2011

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Google Chrome
Operating System:     UNIX variants (UNIX, Linux, OSX)
                      Windows
Impact/Access:        Denial of Service              -- Remote with User Interaction
                      Provide Misleading Information -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2011-3917 CVE-2011-3916 CVE-2011-3915
                      CVE-2011-3914 CVE-2011-3913 CVE-2011-3912
                      CVE-2011-3911 CVE-2011-3910 CVE-2011-3909
                      CVE-2011-3908 CVE-2011-3907 CVE-2011-3906
                      CVE-2011-3905 CVE-2011-3904 CVE-2011-3903
Member content until: Friday, January 13 2012

Revision History:     December 14 2011: Summary added
                      December 14 2011: Initial Release

OVERVIEW

        A number of vulnerabilities have been identified in Google Chrome prior
        to version 16.0.912.63. [1]


IMPACT

        The vendor has provided the following details regarding these
        vulnerabilities:
        
        "[81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching.
          Credit to David Holloway of the Chromium development community.
        [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml.
          Credit to Google Chrome Security Team (Inferno).
        [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser.
          Credit to Aki Helin of OUSPG.
        [99016] High CVE-2011-3907: URL bar spoofing with view-source.
          Credit to Mitja Kolsek of ACROS Security.
        [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing.
          Credit to Aki Helin of OUSPG.
        [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array.
          Credit to Google Chrome Security Team (scarybeasts) and Chu.
        [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling.
          Credit to Google Chrome Security Team (Cris Neckar).
        [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF.
          Credit to Google Chrome Security Team (scarybeasts) and
          Robert Swiecki of the Google Security Team.
        [102359] High CVE-2011-3912: Use-after-free in SVG filters.
          Credit to Arthur Gerkis.
        [103921] High CVE-2011-3913: Use-after-free in Range handling.
          Credit to Arthur Gerkis.
        [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling.
          Credit to Slawomir Blazek.
        [104529] High CVE-2011-3915: Buffer overflow in PDF font handling.
          Credit to Atte Kettunen of OUSPG.
        [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references.
          Credit to Atte Kettunen of OUSPG.
        [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher.
          Credit to Google Chrome Security Team (Marty Barbella).
        [107258] High CVE-2011-3904: Use-after-free in bidi handling.
          Credit to Google Chrome Security Team (Inferno) and miaubiz." [1]


MITIGATION

        The vendor recommends upgrading to the latest version of Google Chrome to correct these
        issues. [1]


REFERENCES

        [1] Stable Channel Update
            http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----