Google Chrome: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2012.0079
     A number of vulnerabilities have been identified in Google Chrome
                                25 May 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Google Chrome
Operating System:     UNIX variants (UNIX, Linux, OSX)
                      Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Denial of Service               -- Remote with User Interaction
                      Reduced Security                -- Unknown/Unspecified         
Resolution:           Patch/Upgrade
CVE Names:            CVE-2011-3115 CVE-2011-3114 CVE-2011-3113
                      CVE-2011-3112 CVE-2011-3111 CVE-2011-3110
                      CVE-2011-3109 CVE-2011-3108 CVE-2011-3107
                      CVE-2011-3106 CVE-2011-3105 CVE-2011-3104
                      CVE-2011-3103  
Member content until: Sunday, June 24 2012

OVERVIEW

        A number of vulnerabilities have been identified in Google Chrome prior
        to 19.0.1084.52.[1]


IMPACT

        Google has provided the following information:
        
        "[117409] High CVE-2011-3103: Crashes in v8 garbage collection. Credit
        to the Chromium development community (Brett Wilson).
        [118018] Medium CVE-2011-3104: Out-of-bounds read in Skia. Credit to
        Google Chrome Security Team (Inferno).
        [$1000] [120912] High CVE-2011-3105: Use-after-free in first-letter
        handling. Credit to miaubiz.
        [122654] Critical CVE-2011-3106: Browser memory corruption with
        websockets over SSL. Credit to the Chromium development community
        (Dharani Govindan).
        [124625] High CVE-2011-3107: Crashes in the plug-in JavaScript bindings.
        Credit to the Chromium development community (Dharani Govindan).
        [$1337] [125159] Critical CVE-2011-3108: Use-after-free in browser
        cache. Credit to efbiaiinzinz.
        [Linux only] [$1000] [126296] High CVE-2011-3109: Bad cast in GTK UI.
        Credit to Micha Bartholom.
        [126337] [126343] [126378] [127349] [127819] [127868] High
        CVE-2011-3110: Out of bounds writes in PDF. Credit to Mateusz Jurczyk
        of the Google Security Team, with contributions by Gynvael Coldwind of
        the Google Security Team.
        [$500] [126414] Medium CVE-2011-3111: Invalid read in v8. Credit to
        Christian Holler.
        [127331] High CVE-2011-3112: Use-after-free with invalid encrypted PDF.
        Credit to Mateusz Jurczyk of the Google Security Team, with
        contributions by Gynvael Coldwind of the Google Security Team.
        [127883] High CVE-2011-3113: Invalid cast with colorspace handling in
        PDF. Credit to Mateusz Jurczyk of the Google Security Team, with
        contributions by Gynvael Coldwind of the Google Security Team.
        [128014] High CVE-2011-3114: Buffer overflows with PDF functions.
        Credit to Google Chrome Security Team (scarybeasts).
        [$1000] [128018] High CVE-2011-3115: Type corruption in v8 Credit to
        Christian Holler." [1]


MITIGATION

        Users should upgrade to the latest version of Google Chrome. [1]


REFERENCES

        [1] Stable Channel Update
            http://googlechromereleases.blogspot.com.au/2012/05/stable-channel-update_23.html

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBT77YZu4yVqjM2NGpAQLUZRAArFBnc2vVfteH+/zzHhBs2R/BRXdqRRX/
dL2WHCgQLzmdesRt6ZjRsAf44XItxmmNVhMNg0LEJyR6wEi21ahQEEiOlvA+M+5u
WxgUEQsu9punq2BUyBcl3hwhSXh1uBhABs79YtseG2UK43qf/zvWKJWfRUHecnnR
JIwOe8YJELK3BNtlVKbV3SM2vT5H90buRTpyj2oEmH7xxFfogGZ6wilZJocZjU1I
GSvMNipuz8q+oGJV2MDP/Pw9FROKbSY5UHuyNDWo/usLzsfPJh63P6JexbZFXfdL
2fhdh/uCgl2W30HbnFODmkMfZv51pidoGtHBKpu8PxBXramfw/8hAkxxTapFzAd0
yC7nfRwD2k7wnEeImhxNlR1o/aRd7yKOFmMjq2zNaN+or+1m40D6QRW2eNZtbEgz
wvuMXq9aMCtvTDe+5yUNbHOGBYNXHa5CvMGQJqK1c/trsSSQNt5pQUnB+C9OL8+j
A+vG/KFSwOmy+7GCpezKrCDLQ+kwjc/G3ttfEYn0fdEnfksXbIzRiHnmmo8dSZbh
XiM6hsd/r3wZIFCvF9fsF5WFxAPKAhPKJA9bN94gmlrHGM99d0VFRnzIA9fvkFzy
TCoWl9cnSjJZoUo8xZhiWRjODlzicEWaMVewNJzwYCFw0feoeniUUkaGSmfn4dNP
my1kN77h0NM=
=KQte
-----END PGP SIGNATURE-----