You are here

U-122 Google Chrome Two Code Execution Vulnerabilities

March 12, 2012 - 7:00am

Addthis

PROBLEM:

Google Chrome Two Code Execution Vulnerabilities

PLATFORM:

Google Chrome 17.x

ABSTRACT:

Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.

referenceĀ  LINKS:

Secunia Advisory SA48321
SecurityTracker Alert ID: 1026776
CVE-2011-3046

IMPACT ASSESSMENT:

High

Discussion:

A vulnerability was reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger an unspecified flaw and execute arbitrary code (outside of the sandbox) on the target system. The code will run with the privileges of the target user.

Impact:

Successful exploitation allows execution of arbitrary code.

Solution:

The vendor has issued a fix (17.0.963.78)

Addthis