Date: 25 February 2013
References: ESB-2013.0490
===========================================================================
AUSCERT Security Bulletin
ASB-2013.0026
A number of vulnerabilities have been identified in Google Chrome
25 February 2013
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product:              Google Chrome
Operating System:     Windows
                      Linux variants
                      OS X
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Denial of Service               -- Remote with User Interaction
                      Unauthorised Access             -- Remote with User Interaction
                      Reduced Security                -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2013-0900 CVE-2013-0899 CVE-2013-0898
                      CVE-2013-0897 CVE-2013-0896 CVE-2013-0895
                      CVE-2013-0894 CVE-2013-0893 CVE-2013-0892
                      CVE-2013-0891 CVE-2013-0890 CVE-2013-0889
                      CVE-2013-0888 CVE-2013-0887 CVE-2013-0886
                      CVE-2013-0885 CVE-2013-0884 CVE-2013-0883
                      CVE-2013-0882 CVE-2013-0881 CVE-2013-0880
                      CVE-2013-0879
Member content until: Wednesday, March 27 2013
OVERVIEW
A number of vulnerabilities have been identified in Google Chrome prior
to versions 25.0.1364.97 for Windows and Linux, and 25.0.1364.99 for
Mac. [1]
IMPACT
The vendor has provided the following details regarding these
vulnerabilities:
"[$1000] [172243] High CVE-2013-0879: Memory corruption with web audio
node. Credit to Atte Kettunen of OUSPG.
[$1000] [171951] High CVE-2013-0880: Use-after-free in database
handling. Credit to Chamal de Silva.
[$500] [167069] Medium CVE-2013-0881: Bad read in Matroska handling.
Credit to Atte Kettunen of OUSPG.
[$500] [165432] High CVE-2013-0882: Bad memory access with excessive
SVG parameters. Credit to Renata Hodovan.
[$500] [142169] Medium CVE-2013-0883: Bad read in Skia. Credit to Atte
Kettunen of OUSPG.
[172984] Low CVE-2013-0884: Inappropriate load of NaCl. Credit to
Google Chrome Security Team (Chris Evans).
[172369] Medium CVE-2013-0885: Too many API permissions granted to
web store.
[Mac only] [171569] Medium CVE-2013-0886: Incorrect NaCl signal
handling. Credit to Mark Seaborn of the Chromium development
community.
[171065] [170836] Low CVE-2013-0887: Developer tools process has too
many permissions and places too much trust in the connected server.
[170666] Medium CVE-2013-0888: Out-of-bounds read in Skia. Credit to
Google Chrome Security Team (Inferno).
[170569] Low CVE-2013-0889: Tighten user gesture check for dangerous
file downloads.
[169973] [169966] High CVE-2013-0890: Memory safety issues across the
IPC layer. Credit to Google Chrome Security Team (Chris Evans).
[169685] High CVE-2013-0891: Integer overflow in blob handling. Credit
to Google Chrome Security Team (Jüri Aedla).
[169295] [168710] [166493] [165836] [165747] [164958] [164946] Medium
CVE-2013-0892: Lower severity issues across the IPC layer. Credit to
Google Chrome Security Team (Chris Evans).
[168570] Medium CVE-2013-0893: Race condition in media handling. Credit
to Andrew Scherkus of the Chromium development community.
[168473] High CVE-2013-0894: Buffer overflow in vorbis decoding. Credit
to Google Chrome Security Team (Inferno).
[Linux / Mac] [167840] High CVE-2013-0895: Incorrect path handling in
file copying. Credit to Google Chrome Security Team (Jüri Aedla).
[166708] High CVE-2013-0896: Memory management issues in plug-in message
handling. Credit to Google Chrome Security Team (Cris Neckar).
[165537] Low CVE-2013-0897: Off-by-one read in PDF. Credit to Mateusz
Jurczyk, with contributions by Gynvael Coldwind, both from Google
Security Team.
[164643] High CVE-2013-0898: Use-after-free in URL handling. Credit to
Alexander Potapenko of the Chromium development community.
[160480] Low CVE-2013-0899: Integer overflow in Opus handling. Credit
to Google Chrome Security Team (Jüri Aedla).
[152442] Medium CVE-2013-0900: Race condition in ICU. Credit to Google
Chrome Security Team (Inferno)." [1]
MITIGATION
The vendor recommends updating to the latest version of Google Chrome
to correct these issues. [1]
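The following is an added example, not part of the AusCERT bulletin or the
vendor's release notes: a check of a software inventory against the fixed
builds named in the OVERVIEW (25.0.1364.97 for Windows and Linux,
25.0.1364.99 for Mac). The inventory rows and host names are constructed
sample data, and the function names are illustrative.

```python
# Added example: flag Chrome installs older than the fixed builds in this bulletin.

FIXED = {  # first fixed stable build per platform, taken from the OVERVIEW section
    "windows": (25, 0, 1364, 97),
    "linux": (25, 0, 1364, 97),
    "mac": (25, 0, 1364, 99),
}

def parse_version(text):
    """Turn '25.0.1364.97' into (25, 0, 1364, 97); reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part Chrome version: {text!r}")
    return tuple(int(p) for p in parts)

def is_vulnerable(platform, version):
    """True when the install predates the fixed build for its platform."""
    fixed = FIXED[platform.lower()]
    # Compare as integer tuples: a plain string comparison would rank
    # '25.0.1364.100' below '25.0.1364.97'.
    return parse_version(version) < fixed

def triage(inventory):
    """Return (host, platform, version, status) rows for each inventory entry."""
    rows = []
    for host, platform, version in inventory:
        try:
            status = "vulnerable" if is_vulnerable(platform, version) else "ok"
        except (KeyError, ValueError):
            status = "unknown"  # flag for manual review instead of passing silently
        rows.append((host, platform, version, status))
    return rows

SAMPLE_INVENTORY = [  # constructed sample data, not real hosts
    ("ws-001", "Windows", "24.0.1312.57"),
    ("ws-002", "Windows", "25.0.1364.97"),
    ("mac-001", "Mac", "25.0.1364.97"),     # fixed build for Windows/Linux, not for Mac
    ("lin-001", "Linux", "25.0.1364.100"),  # numerically newer than .97
    ("ws-003", "Windows", "unknown"),       # version not reported by the agent
]

if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        print("%-8s %-8s %-16s %s" % row)
```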
REFERENCES
[1] Stable Channel Update
http://googlechromereleases.blogspot.com.au/2013/02/stable-channel-update_21.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================