===========================================================================
AUSCERT Security Bulletin

ASB-2013.0005
A number of vulnerabilities have been identified in Google Chrome
11 January 2013

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:              Google Chrome
Operating System:     Linux variants
                      Mac OS
                      Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Denial of Service               -- Remote with User Interaction
                      Access Confidential Data        -- Remote with User Interaction
                      Unauthorised Access             -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2013-0838 CVE-2013-0837 CVE-2013-0836
                      CVE-2013-0835 CVE-2013-0834 CVE-2013-0833
                      CVE-2013-0832 CVE-2013-0831 CVE-2013-0830
                      CVE-2013-0829 CVE-2013-0828 CVE-2012-5157
                      CVE-2012-5156 CVE-2012-5155 CVE-2012-5154
                      CVE-2012-5153 CVE-2012-5152 CVE-2012-5151
                      CVE-2012-5150 CVE-2012-5149 CVE-2012-5148
                      CVE-2012-5147 CVE-2012-5146 CVE-2012-5145
Member content until: Sunday, February 10 2013

OVERVIEW

A number of vulnerabilities have been identified in Google Chrome prior to version 24.0.1312.52.

IMPACT

The vendor has provided the following details regarding these vulnerabilities:

"[$1000] [162494] High CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of OUSPG.

[$4000] [165622] High CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook.

[$1000] [165864] High CVE-2012-5147: Use-after-free in DOM handling. Credit to José A. Vázquez.

[167122] Medium CVE-2012-5148: Missing filename sanitization in hyphenation support. Credit to Google Chrome Security Team (Justin Schuh).

[166795] High CVE-2012-5149: Integer overflow in audio IPC handling. Credit to Google Chrome Security Team (Chris Evans).

[165601] High CVE-2012-5150: Use-after-free when seeking video. Credit to Google Chrome Security Team (Inferno).

[165538] High CVE-2012-5151: Integer overflow in PDF JavaScript. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team.

[165430] Medium CVE-2012-5152: Out-of-bounds read when seeking video. Credit to Google Chrome Security Team (Inferno).

[164565] High CVE-2012-5153: Out-of-bounds stack access in v8. Credit to Andreas Rossberg of the Chromium development community.

[Windows only] [164490] Low CVE-2012-5154: Integer overflow in shared memory allocation. Credit to Google Chrome Security Team (Chris Evans).

[Mac only] [163208] Medium CVE-2012-5155: Missing Mac sandbox for worker processes. Credit to Google Chrome Security Team (Julien Tinnes).

[162778] High CVE-2012-5156: Use-after-free in PDF fields. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team.

[162776] [162156] Medium CVE-2012-5157: Out-of-bounds reads in PDF image handling. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team.

[162153] High CVE-2013-0828: Bad cast in PDF root handling. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team.

[162114] High CVE-2013-0829: Corruption of database metadata leading to incorrect file access. Credit to Google Chrome Security Team (Jüri Aedla).

[Windows only] [162066] Low CVE-2013-0830: Missing NUL termination in IPC. Credit to Google Chrome Security Team (Justin Schuh).

[161836] Low CVE-2013-0831: Possible path traversal from extension process. Credit to Google Chrome Security Team (Tom Sepez).

[160380] Medium CVE-2013-0832: Use-after-free with printing. Credit to Google Chrome Security Team (Cris Neckar).

[154485] Medium CVE-2013-0833: Out-of-bounds read with printing. Credit to Google Chrome Security Team (Cris Neckar).

[154283] Medium CVE-2013-0834: Out-of-bounds read with glyph handling. Credit to Google Chrome Security Team (Cris Neckar).

[152921] Low CVE-2013-0835: Browser crash with geolocation. Credit to Arthur Gerkis.

[150545] High CVE-2013-0836: Crash in v8 garbage collection. Credit to Google Chrome Security Team (Cris Neckar).

[145363] Medium CVE-2013-0837: Crash in extension tab handling. Credit to Tom Nielsen.

[Linux only] [143859] Low CVE-2013-0838: Tighten permissions on shared memory segments. Credit to Google Chrome Security Team (Chris Palmer)." [1]

MITIGATION

The vendor recommends updating Chrome to the latest version to correct these issues.

REFERENCES

[1] Stable Channel Update
    http://googlechromereleases.blogspot.com.au/2013/01/stable-channel-update.html

AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================