Date: 02 August 2012
References: ESB-2013.0116 ESB-2013.0391 ESB-2013.0705
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT Security Bulletin
ASB-2012.0109
A number of vulnerabilities have been identified in Google Chrome
2 August 2012
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Google Chrome
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Impact/Access: Denial of Service -- Remote with User Interaction
Access Confidential Data -- Remote with User Interaction
Unauthorised Access -- Remote with User Interaction
Reduced Security -- Unknown/Unspecified
Resolution: Patch/Upgrade
CVE Names: CVE-2012-2860 CVE-2012-2859 CVE-2012-2858
CVE-2012-2857 CVE-2012-2856 CVE-2012-2855
CVE-2012-2854 CVE-2012-2853 CVE-2012-2852
CVE-2012-2851 CVE-2012-2850 CVE-2012-2849
CVE-2012-2848 CVE-2012-2847 CVE-2012-2846
Member content until: Saturday, September 1 2012
OVERVIEW
A number of vulnerabilities have been identified in Google Chrome prior
to version 21.0.1180.57 for Mac and Linux and 21.0.1180.60 for Windows
and Chrome Frame.
IMPACT
The following information is available on the vendor website:
"[Linux only] [125225] Medium CVE-2012-2846: Cross-process interference
in renderers. Credit to Google Chrome Security Team (Julien Tinnes).
[127522] Low CVE-2012-2847: Missing re-prompt to user upon excessive
downloads. Credit to Matt Austin of Aspect Security.
[127525] Medium CVE-2012-2848: Overly broad file access granted after
drag+drop. Credit to Matt Austin of Aspect Security.
[128163] Low CVE-2012-2849: Off-by-one read in GIF decoder. Credit to
Atte Kettunen of OUSPG.
[130251] [130592] [130611] [131068] [131237] [131252] [131621] [131690]
[132860] Medium CVE-2012-2850: Various lower severity issues in the PDF
viewer. Credit to Mateusz Jurczyk of Google Security Team, with
contributions by Gynvael Coldwind of Google Security Team.
[132585] [132694] [132861] High CVE-2012-2851: Integer overflows in PDF
viewer. Credit to Mateusz Jurczyk of Google Security Team, with
contributions by Gynvael Coldwind of Google Security Team.
[134028] High CVE-2012-2852: Use-after-free with bad object linkage in
PDF. Credit to Alexey Samsonov of Google.
[134101] Medium CVE-2012-2853: webRequest can interfere with the Chrome
Web Store. Credit to Trev of Adblock.
[134519] Low CVE-2012-2854: Leak of pointer values to WebUI renderers.
Credit to Nasko Oskov of the Chromium development community.
[134888] High CVE-2012-2855: Use-after-free in PDF viewer. Credit to
Mateusz Jurczyk of Google Security Team, with contributions by Gynvael
Coldwind of Google Security Team.
[134954] [135264] High CVE-2012-2856: Out-of-bounds writes in PDF
viewer. Credit to Mateusz Jurczyk of Google Security Team, with
contributions by Gynvael Coldwind of Google Security Team.
[$1000] [136235] High CVE-2012-2857: Use-after-free in CSS DOM. Credit
to Arthur Gerkis.
[$1000] [136894] High CVE-2012-2858: Buffer overflow in WebP decoder.
Credit to Jri Aedla.
[Linux only] [137541] Critical CVE-2012-2859: Crash in tab handling.
Credit to Jeff Roberts of Google Security Team.
[137671] Medium CVE-2012-2860: Out-of-bounds access when clicking in
date picker. Credit to Chamal de Silva." [1]
MITIGATION
The vendor recommends upgrading to the latest version of Chrome. [1]
REFERENCES
[1] Stable Channel Release
http://googlechromereleases.blogspot.com.au/2012/07/stable-channel-release.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBUBoLR+4yVqjM2NGpAQJKLA/+M1wfv88jSKXxgVbIpj104kHqMCgpZT+E
Xb0BeuHoyNRGC3iTHdYltf0BBinzN6aJxlJNjwrZBSh/PzR19CKnSdXodG9/num/
ooT++2dJX74DK/bx03y4M6cmI4zUUScVyElYlFZj54Qxu98JP66qVKbhIzsLlay/
D6tKKkR1QSXJRwzOp4EOI0++Q/yJY1kfET2vva7iltDa1uQV8jHlseLE5Q3tJGE3
67QLLpCxJG+XhGS2kBHW/fpQtN9otqsaKx+rkYsNTlzlX8oa/z+Mjpv8I12+jEm4
usMIr3cxX9R+MnARPxgLB0nKAQVOS/xvrlcxfvnKEXDvgih9ZRiQyTbCREQEAUUb
xv/uLjaK4QI2JhPeWkSPuyc6zwlX4TeKZ1ddIvwtXtA2j4yvTyu6pzuZ7xvIVCaK
j16yate6dwT5yg06zPasVNRY/1Sxq3RkPb6pXdPtvm8zQ2FsFxoALB37b7xANttQ
AV31LvtCKg36EXj6qYVIeeZYKVENChFMhYIISymdiyIoOi3G1Z0osZDDZWVX1aJs
xhQ4jtbd0izzifdVXAWUAjlSsn1Z8HUUSwZ1MlxQJ0s6QlqB4CkctZfRqbon5ijW
l+WObPnABkMIuYxAvod7XgjXKhYLyU2jRMKz1Q+S1+ffvXkWiVSQZD0OEwixTBjT
/bpYUc76Dzk=
=+rPA
-----END PGP SIGNATURE-----
|