Multiple vulnerabilities in Techland Chrome
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2011-3059 CVE-2011-3060 CVE-2011-3061 CVE-2011-3062 CVE-2011-3063 CVE-2011-3064 CVE-2011-3065 CVE-2011-3052 |
| CWE-ID | CWE-125 CWE-295 CWE-682 CWE-20 CWE-416 CWE-190 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Google Chrome Client/Desktop applications / Web browsers |
| Vendor |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU44166
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3059
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 18.0.1025.0 - 18.0.1025.140
CPE2.3- cpe:2.3:a:google:google_chrome:18.0.1025.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=112317
http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://secunia.com/advisories/48618
http://secunia.com/advisories/48691
http://secunia.com/advisories/48763
http://support.apple.com/kb/HT5400
http://support.apple.com/kb/HT5485
http://support.apple.com/kb/HT5503
http://www.securityfocus.com/bid/52762
http://www.securitytracker.com/id?1026877
http://exchange.xforce.ibmcloud.com/vulnerabilities/74409
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15200
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU44167
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3060
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 18.0.1025.0 - 18.0.1025.140
CPE2.3- cpe:2.3:a:google:google_chrome:18.0.1025.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=114056
http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://secunia.com/advisories/48618
http://secunia.com/advisories/48691
http://secunia.com/advisories/48763
http://support.apple.com/kb/HT5400
http://support.apple.com/kb/HT5485
http://support.apple.com/kb/HT5503
http://www.securityfocus.com/bid/52762
http://www.securitytracker.com/id?1026877
http://exchange.xforce.ibmcloud.com/vulnerabilities/74410
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15364
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper Certificate Validation
EUVDB-ID: #VU44168
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3061
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a SPDY proxy, which might allow man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 18.0.1025.0 - 18.0.1025.140
CPE2.3- cpe:2.3:a:google:google_chrome:18.0.1025.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=116398
http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
http://osvdb.org/80739
http://secunia.com/advisories/48618
http://secunia.com/advisories/48691
http://secunia.com/advisories/48763
http://www.securityfocus.com/bid/52762
http://www.securitytracker.com/id?1026877
http://exchange.xforce.ibmcloud.com/vulnerabilities/74411
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14849
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Incorrect calculation
EUVDB-ID: #VU44169
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3062
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 18.0.1025.0 - 18.0.1025.140
CPE2.3- cpe:2.3:a:google:google_chrome:18.0.1025.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=116524
http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
http://osvdb.org/80740
http://secunia.com/advisories/48618
http://secunia.com/advisories/48691
http://secunia.com/advisories/48763
http://secunia.com/advisories/48972
http://secunia.com/advisories/49047
http://secunia.com/advisories/49055
http://www.mandriva.com/security/advisories?name=MDVSA-2012:066
http://www.mandriva.com/security/advisories?name=MDVSA-2012:081
http://www.mozilla.org/security/announce/2012/mfsa2012-31.html
http://www.securitytracker.com/id?1026877
http://bugzilla.mozilla.org/show_bug.cgi?id=739925
http://exchange.xforce.ibmcloud.com/vulnerabilities/74412
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15488
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU44170
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3063
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, which has unspecified impact and remote attack vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 18.0.1025.0 - 18.0.1025.140
CPE2.3- cpe:2.3:a:google:google_chrome:18.0.1025.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=117417
http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
http://secunia.com/advisories/48618
http://secunia.com/advisories/48691
http://secunia.com/advisories/48763
http://www.securityfocus.com/bid/52762
http://www.securitytracker.com/id?1026877
http://exchange.xforce.ibmcloud.com/vulnerabilities/74413
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15226
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Use-after-free
EUVDB-ID: #VU44171
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3064
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing vectors related to SVG clipping. A remote attackers can cause a denial of service or possibly have unspecified other impact.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationUpdate to version 18.0.1025.142.
Vulnerable software versionsGoogle Chrome: 18.0.1025.0 - 18.0.1025.140
CPE2.3- cpe:2.3:a:google:google_chrome:18.0.1025.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=117471
http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://osvdb.org/80742
http://secunia.com/advisories/48618
http://secunia.com/advisories/48691
http://secunia.com/advisories/48763
http://support.apple.com/kb/HT5400
http://support.apple.com/kb/HT5485
http://support.apple.com/kb/HT5503
http://www.securityfocus.com/bid/52762
http://www.securitytracker.com/id?1026877
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14755
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Integer overflow
EUVDB-ID: #VU44172
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3065
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 18.0.1025.0 - 18.0.1025.140
CPE2.3- cpe:2.3:a:google:google_chrome:18.0.1025.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=117588
http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
http://osvdb.org/80743
http://secunia.com/advisories/48618
http://secunia.com/advisories/48691
http://secunia.com/advisories/48763
http://www.securityfocus.com/bid/52762
http://www.securitytracker.com/id?1026877
http://exchange.xforce.ibmcloud.com/vulnerabilities/74415
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15415
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Buffer overflow
EUVDB-ID: #VU44189
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3052
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 18.0.1025.0 - 18.0.1025.140
CPE2.3- cpe:2.3:a:google:google_chrome:18.0.1025.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:18.0.1025.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=116637
http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html
http://osvdb.org/80290
http://secunia.com/advisories/48512
http://secunia.com/advisories/48527
http://security.gentoo.org/glsa/glsa-201203-19.xml
http://www.securityfocus.com/bid/52674
http://www.securitytracker.com/id?1026841
http://exchange.xforce.ibmcloud.com/vulnerabilities/74212
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14819
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
