You are here

U-041: Google Chrome Out-of-Bounds Write Error Lets Remote Users Execute Arbitrary Code

November 18, 2011 - 9:00am

Addthis

PROBLEM:

Google Chrome Out-of-Bounds Write Error Lets Remote Users Execute Arbitrary Code.

PLATFORM:

Version(s) prior to 15.0.874.121

ABSTRACT:

A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

reference LINKS:

Stable Channel Update
CVE-2011-3900
SecurityTracker Alert ID: 1026338

IMPACT ASSESSMENT:

High

Discussion:

A vulnerability was reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger an out-of-bounds write error in the v8 engine and execute arbitrary code on the target system. The code will run with the privileges of the target user.

Impact:

A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

Solution:

Google Releases Chrome 15.0.874.121 - Google Chrome

Addthis