Chrome Updated V24
The Chrome team at Google has been busy, and V24 of the Chrome browser has been released.
V24 brings new functionality, with the introduction of MathML and an updated Flash version, but more importantly it also brings a significant number of bug fixes.
Reference | Rating | CVE | Description |
---|---|---|---|
162494 | High | CVE-2012-5145 | Use-after-free in SVG layout |
165622 | High | CVE-2012-5146 | Same origin policy bypass with malformed URL |
165864 | High | CVE-2012-5147 | Use-after-free in DOM handling |
167122 | Medium | CVE-2012-5148 | Missing filename sanitization in hyphenation support |
166795 | High | CVE-2012-5149 | Integer overflow in audio IPC handling |
165601 | High | CVE-2012-5150 | Use-after-free when seeking video |
165538 | High | CVE-2012-5151 | Integer overflow in PDF JavaScript |
165430 | Medium | CVE-2012-5152 | Out-of-bounds read when seeking video |
164565 | High | CVE-2012-5153 | Out-of-bounds stack access in v8 |
164490 | Low | CVE-2012-5154 | Integer overflow in shared memory allocation |
163208 | Medium | CVE-2012-5155 | Missing Mac sandbox for worker processes |
162778 | High | CVE-2012-5156 | Use-after-free in PDF fields |
162776 / 162156 | Medium | CVE-2012-5157 | Out-of-bounds reads in PDF image handling |
162153 | High | CVE-2013-0828 | Bad cast in PDF root handling |
162114 | High | CVE-2013-0829 | Corruption of database metadata leading to incorrect file access |
162066 | Low | CVE-2013-0830 | Missing NUL termination in IPC |
161836 | Low | CVE-2013-0831 | Possible path traversal from extension process |
160380 | Medium | CVE-2013-0832 | Use-after-free with printing |
154485 | Medium | CVE-2013-0833 | Out-of-bounds read with printing |
154283 | Medium | CVE-2013-0834 | Out-of-bounds read with glyph handling |
152921 | Low | CVE-2013-0835 | Browser crash with geolocation |
150545 | High | CVE-2013-0836 | Crash in v8 garbage collection |
145363 | Medium | CVE-2013-0837 | Crash in extension tab handling |
143859 | Low | CVE-2013-0838 | Tighten permissions on shared memory segments |
For more details, and credits for the vulnerabilities, please see:
http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html
http://code.google.com/p/chromium/issues/detail?id=152430
Steve
I'll have PDF with another slice of PDF please.
Well, hot on the heels of Microsoft Patch Tuesday comes, as we now know, Adobe Patch Tuesday.
Guy has already kindly alerted us to the ColdFusion vulnerability announced in apsa13-01, but we also need to highlight apsa13-02, which was also released on the 8th.
This covers a huge number of CVEs (27 if you need to know), most of which "could" lead to code execution using a variety of techniques including use-after-free and integer, heap and stack overflows.
However, as we know, "other PDF readers are available", and Foxit is quite often what security-minded people have installed. Also announced this week, however, is an as yet unpatched vulnerability discovered by Andrea Micalizzi in Foxit Reader 5.x and the Foxit Reader 2.x Plugin, for which exploit code is publicly available. This has reportedly been tested against Foxit Reader version 5.4.4.1128, which is what is available for download as of today.