Multiple vulnerabilities in Techland Chrome



Updated: 2020-08-11
Risk: Medium
Patch available: YES
Number of vulnerabilities: 4
CVE-ID: CVE-2011-3924, CVE-2011-3926, CVE-2011-3927, CVE-2011-3928
CWE-ID: CWE-416, CWE-122, CWE-665
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Google Chrome (Client/Desktop applications / Web browsers)
Vendor: Google

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU44368

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-3924

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise a vulnerable system.

The vulnerability exists due to a use-after-free error when processing vectors related to DOM selections. A remote attacker can cause a denial of service or possibly have unspecified other impact.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.

Mitigation

Update to version 16.0.912.77.

Vulnerable software versions

Google Chrome: 16.0.912.0 - 16.0.912.76

External links

https://code.google.com/p/chromium/issues/detail?id=106484
https://googlechromereleases.blogspot.com/2012/01/stable-channel-update_23.html
https://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
https://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
https://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
https://secunia.com/advisories/47694
https://support.apple.com/kb/HT5400
https://support.apple.com/kb/HT5485
https://support.apple.com/kb/HT5503
https://www.securitytracker.com/id?1026569
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13887


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Heap-based buffer overflow

EUVDB-ID: #VU44370

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-3926

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the tree builder in Google Chrome before 16.0.912.77. A remote attacker can use unknown vectors to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation

Update to version 16.0.912.77.

Vulnerable software versions

Google Chrome: 16.0.912.0 - 16.0.912.76

External links

https://code.google.com/p/chromium/issues/detail?id=109556
https://googlechromereleases.blogspot.com/2012/01/stable-channel-update_23.html
https://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
https://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
https://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
https://secunia.com/advisories/47694
https://support.apple.com/kb/HT5400
https://support.apple.com/kb/HT5485
https://support.apple.com/kb/HT5503
https://www.securitytracker.com/id?1026569
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14552


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Initialization

EUVDB-ID: #VU44371

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-3927

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Google Chrome: 16.0.912.0 - 16.0.912.76

External links

https://code.google.com/p/chromium/issues/detail?id=108605
https://googlechromereleases.blogspot.com/2012/01/stable-channel-update_23.html
https://secunia.com/advisories/47694
https://www.securitytracker.com/id?1026569
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13948


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU44372

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-3928

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise a vulnerable system.

The vulnerability exists due to a use-after-free error when processing vectors related to DOM handling. A remote attacker can cause a denial of service or possibly have unspecified other impact.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.

Mitigation

Update to version 16.0.912.77.

Vulnerable software versions

Google Chrome: 16.0.912.0 - 16.0.912.76

External links

https://code.google.com/p/chromium/issues/detail?id=108461
https://googlechromereleases.blogspot.com/2012/01/stable-channel-update_23.html
https://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
https://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
https://secunia.com/advisories/47694
https://secunia.com/advisories/48288
https://secunia.com/advisories/48377
https://www.securitytracker.com/id?1026569
https://www.securitytracker.com/id?1026774
https://exchange.xforce.ibmcloud.com/vulnerabilities/73809
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14441


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


