Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2012.0073 A number of vulnerabilities have been identified in Google Chrome 16 May 2012 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Provide Misleading Information -- Remote with User Interaction Unauthorised Access -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2011-3102 CVE-2011-3101 CVE-2011-3100 CVE-2011-3099 CVE-2011-3098 CVE-2011-3097 CVE-2011-3096 CVE-2011-3095 CVE-2011-3094 CVE-2011-3093 CVE-2011-3092 CVE-2011-3091 CVE-2011-3090 CVE-2011-3089 CVE-2011-3088 CVE-2011-3087 CVE-2011-3086 CVE-2011-3085 CVE-2011-3084 CVE-2011-3083 Member content until: Friday, June 15 2012 OVERVIEW A number of vulnerabilities have been identified in Google Chrome prior to Chrome 19. [1] IMPACT Google has provided the following information: "[112983] Low CVE-2011-3083: Browser crash with video + FTP. Credit to Aki Helin of OUSPG. [113496] Low CVE-2011-3084: Load links from internal pages in their own process. Credit to Brett Wilson of the Chromium development community. [118374] Medium CVE-2011-3085: UI corruption with long autofilled values. Credit to psaldorn. [$1000] [118642] High CVE-2011-3086: Use-after-free with style element. Credit to Arthur Gerkis. [118664] Low CVE-2011-3087: Incorrect window navigation. Credit to Charlie Reis of the Chromium development community. [$500] [120648] Medium CVE-2011-3088: Out-of-bounds read in hairline drawing. Credit to Aki Helin of OUSPG. [$1000] [120711] High CVE-2011-3089: Use-after-free in table handling. Credit to miaubiz. [$500] [121223] Medium CVE-2011-3090: Race condition with workers. Credit to Arthur Gerkis. [121734] High CVE-2011-3091: Use-after-free with indexed DB. Credit to Google Chrome Security Team (Inferno). [$1000] [122337] High CVE-2011-3092: Invalid write in v8 regex. Credit to Christian Holler. [$500] [122585] Medium CVE-2011-3093: Out-of-bounds read in glyph handling. Credit to miaubiz. [122586] Medium CVE-2011-3094: Out-of-bounds read in Tibetan handling. Credit to miaubiz. [$1000] [123481] High CVE-2011-3095: Out-of-bounds write in OGG container. Credit to Hannu Heikkinen. [Linux only] [123530] Low CVE-2011-3096: Use-after-free in GTK omnibox handling. Credit to Arthur Gerkis. [123733] [124182] High CVE-2011-3097: Out-of-bounds write in sampled functions with PDF. Credit to Kostya Serebryany of Google and Evgeniy Stepanov of Google. [Windows only] [124216] Low CVE-2011-3098: Bad search path for Windows Media Player plug-in. Credit to Haifei Li of Microsoft and MSVR (MSVR:159). [124479] High CVE-2011-3099: Use-after-free in PDF with corrupt font encoding name. Credit to Mateusz Jurczyk of Google Security Team and Gynvael Coldwind of Google Security Team. [124652] Medium CVE-2011-3100: Out-of-bounds read drawing dash paths. Credit to Google Chrome Security Team (Inferno). [Linux only] [$500] [118970] Medium CVE-2011-3101: Work around Linux Nvidia driver bug. Credit to Aki Helin of OUSPG. [$1500] [125462] High CVE-2011-3102: Off-by-one out-of-bounds write in libxml. Credit to Jri Aedla." [1] MITIGATION Users should upgrade to Chrome 19. [1] REFERENCES [1] Stable Channel Update http://googlechromereleases.blogspot.com.au/search/label/Stable%20updates AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBT7NGPO4yVqjM2NGpAQJmpQ//Z6Lz6nis4bS1tuw/dcwtXG9HEeojWJBP n4IZLjqLjQq+/CQG5J9pdcl6PUjJWtha8aZ5GWvJTTxTU6cE1J9irZF6HYu8/8HK 9hUH/MQQeeD+XB54lz7VCw9qPneULpg0pYLDfnsCFEOy6dQafC635UbHFCxe+/G8 xcM5Zrp04oy+pLFFRgVxEzLIheqDhqRGKdmGrZWulRBvO+MFBVyxOU+FoyW5+K7P xIP5r99FDkd1LXfLODDjUeGKodXhn3TAithTJuNNeOWmm0wOqipJae0VSjTKUn1u eEUfv6NLcud7XpPJ6eVhhd56UdOtuL2ZVgQgNtGQjQKWPuzc/hi1veVdWw6iEfZe UWiXSPvKpzsyNJ4BijlWKFlyaZvWNIZxbBjKQREPY4yfBzPD/61lPD5mTXAfUpBi oQ4rN8z0PfHeJgYDkvntBmJ1szIpLRO994Rvp2aKAUnZ6up4C9bxu/3hqEZd8w5E 81wydyp6mZFdK3uJ1rV8T2prUrhYqA67seeCilNOcrYCDzTHZyu9qXZyjCy73zJi 5GuJFVuWmsCwk5MurL74l7f1XvjH6PlTiTEluII5QwpgQtwCdwiUFnzbxmumcmFV cVjlnKKfZbIP6vnPYLqRbfJoeNsZ1dve+ZdE0WDHOrkXYWcuiUQAmYG6lEEg0x7o zs2kcvVyS40= =O8rr -----END PGP SIGNATURE-----