PROBLEM:
Google Chrome Multiple Vulnerabilities
PLATFORM:
Google Chrome prior to 25.0.1364.152.
ABSTRACT:
Multiple vulnerabilities have been reported in Google Chrome
REFERENCE LINKS:
Stable Channel Update
Secunia Advisory SA52454
CVE-2013-0902
CVE-2013-0903
CVE-2013-0904
CVE-2013-0905
CVE-2013-0906
CVE-2013-0907
CVE-2013-0908
CVE-2013-0909
CVE-2013-0910
CVE-2013-0911
IMPACT ASSESSMENT:
High
DISCUSSION:
Multiple vulnerabilities in Google Chrome may have an unknown impact and others can be exploited by malicious people to compromise a user's system.
1) A use-after-free error exists in frame loader.
2) A use-after-free error exists in browser navigation handling.
3) An error in Web Audio can be exploited to cause memory corruption.
4) A use-after-free error exists in SVG animations.
5) An error in Indexed DB can be exploited to cause memory corruption.
6) A race condition error exists in media thread handling.
7) An error exists during handling of bindings for extension processes.
8) An error exists when loading browser plug-in.
9) A path traversal error exists when handling database.
IMPACT:
Vulnerabilities may have an unknown impact and others can be exploited by malicious people to compromise a user's system.
SOLUTION:
The vendor has issued a fix (5 Update 41, 6 Update 43, 7 Update 17).