PROBLEM:
Google Chrome Two Code Execution Vulnerabilities
PLATFORM:
Google Chrome 17.x
ABSTRACT:
Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.
referenceĀ LINKS:
Secunia Advisory SA48321
SecurityTracker Alert ID: 1026776
CVE-2011-3046
IMPACT ASSESSMENT:
High
Discussion:
A vulnerability was reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger an unspecified flaw and execute arbitrary code (outside of the sandbox) on the target system. The code will run with the privileges of the target user.
Impact:
Successful exploitation allows execution of arbitrary code.
Solution:
The vendor has issued a fix (17.0.963.78)