You are here

U-213: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code

July 16, 2012 - 7:00am

Addthis

PROBLEM:

Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code

PLATFORM:

Version(s): prior to 20.0.1132.57

ABSTRACT:

Several vulnerabilities were reported in Google Chrome.

referenceĀ  LINKS:

Stable Channel Update
SecurityTracker Alert ID: 1027249

IMPACT ASSESSMENT:

High

Discussion:

Several vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create a specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.
A use-after-free may occur in counter handling [CVE-2012-2842].
A use-after-free may occur in layout height tracking [CVE-2012-2843].
An object access error may occur with JavaScript in PDF [CVE-2012-2844].

Impact:

A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

Solution:

The vendor has issued a fix (20.0.1132.57).

Addthis