Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code
Google Chrome prior to 17.0.963.83
Multiple vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. A use-after-free may occur with first-letter handling [CVE-2011-3050]. A use-after-free may occur in CSS cross-fade handling [CVE-2011-3051]. A memory corruption error may occur in WebGL canvas handling [CVE-2011-3052]. A use-after-free may occur in block splitting [CVE-2011-3053]. Some webui privilege errors may occur [CVE-2011-3054]. A unspecified flaw in prompting the user for unpacked extension installation may occur [CVE-2011-3055]. A remote user can bypass same origin restristions with a "magic iframe" [CVE-2011-3056].
A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
The vendor has issued a fix (17.0.963.83).