Australia's Leading Computer Emergency Response Team

ASB-2013.0035 - [Win][Linux][OSX] Google Chrome: Multiple vulnerabilities
Date: 05 March 2013
Original URL: http://www.auscert.org.au/render.html?cid=10415&it=17123

Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2013.0035
     A number of vulnerabilities have been identified in Google Chrome
                               5 March 2013

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Google Chrome
Operating System:     Windows
                      Linux variants
                      OS X
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Denial of Service               -- Remote with User Interaction
                      Unauthorised Access             -- Remote with User Interaction
                      Reduced Security                -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2013-0911 CVE-2013-0910 CVE-2013-0909
                      CVE-2013-0908 CVE-2013-0907 CVE-2013-0906
                      CVE-2013-0905 CVE-2013-0904 CVE-2013-0903
                      CVE-2013-0902  
Member content until: Thursday, April  4 2013

OVERVIEW

        A number of vulnerabilities have been identified in Google Chrome prior
        to versions 25.0.1364.152 for Windows, Linux and Mac. [1]


IMPACT

        The vendor has provided the following details regarding these 
        vulnerabilities:
        
        "[$1000] [176882] High CVE-2013-0902: Use-after-free in frame 
        loader. Credit to Chamal de Silva.
        [$1000] [176252] High CVE-2013-0903: Use-after-free in browser 
        navigation handling. Credit to “chromium.khalil”.
        [$2000] [172926] [172331] High CVE-2013-0904: Memory corruption in 
        Web Audio. Credit to Atte Kettunen of OUSPG.
        [$1000] [168982] High CVE-2013-0905: Use-after-free with SVG 
        animations. Credit to Atte Kettunen of OUSPG.
        [174895] High CVE-2013-0906: Memory corruption in Indexed DB. Credit
        to Google Chrome Security Team (Jüri Aedla).
        [174150] Medium CVE-2013-0907: Race condition in media thread 
        handling. Credit to Andrew Scherkus of the Chromium development 
        community.
        [174059] Medium CVE-2013-0908: Incorrect handling of bindings for 
        extension processes.
        [173906] Low CVE-2013-0909: Referer leakage with XSS Auditor. Credit
        to Egor Homakov.
        [172573] Medium CVE-2013-0910: Mediate renderer -> browser plug-in 
        loads more strictly. Credit to Google Chrome Security Team (Chris 
        Evans).
        [172264] High CVE-2013-0911: Possible path traversal in database 
        handling. Credit to Google Chrome Security Team (Jüri Aedla)." [1]


MITIGATION

        The vendor recommends updating to the latest version of Google Chrome
        to correct these issues. [1]


REFERENCES

        [1] Stable Channel Update
            http://googlechromereleases.blogspot.com.au/2013/03/stable-channel-update_4.html

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBUTVeAe4yVqjM2NGpAQJb0xAAn67U+j8B3ArJ5D/PE+RHUKDNsaJGqVDq
iiP6V9d8Pixz5aQAoo7nZGyWO54Tm/0stkfSiPH1z4P4RHniykpOfEwscfmy9qW2
O2RzLXQvpKi1C49yFJaXmFT/2fI6Tb7CZhkLe3X5Mp7tVyia2Uw0IrEb0MghoReD
Ud0TYkZyy311Ys3GKw01hvtUH7FAaccCn/m4FwNJQiXK2+LGXVHVFLOZWVLkALS9
t4I7Jm+7M0eL8kCiUHqsrVNT+XII5UmfhZIBNRa5n2LA/2NzIgdIgf/2pwgLkmnC
s8k/+b0xAs4aIZMZRcp/QLaa9CPMjJnMAEQehcJ3+X4O/46RdEyCQdUVU9icS8ny
JHKZA7RTYZF6jsDdnmjZhzolDcjPvaSNHPSa+wnKwC9yYdvRg8Ewge1lpa+tJFGO
q/cylrlzV+/MD3Du2SyAIN5LAgmoF0Y8aDaZTcaeIjG/eES0kaS60mSVQ/NSmqCK
yd5cF9/+4X1FuzYZwK1jZ3Me/Z4nqr7Vtg2WkAqFm26U10vc7+KiCAsQHXM4wV5I
ssVruecl3HIRaVPCd/3HQJskZBA9mh52PxJ2nviFiCJ5L2jAtG14lHJDdJlnIri3
YqDiX6t+1dHAcivxA8mWsIOl5/EV/yLi4fSbxUHCMyYrdbAJvCPp+mntzh+13VRP
jnUJ2vkp4JA=
=zkqU
-----END PGP SIGNATURE-----