PROBLEM:
Google Chrome Multiple Vulnerabilities
PLATFORM:
Google Chrome 21.x
ABSTRACT:
Multiple vulnerabilities have been reported in Google Chrome.
reference LINKS:
Secunia Advisory SA50447
Stable Channel Update
CVE-2012-2865
CVE-2012-2866
CVE-2012-2867
CVE-2012-2868
CVE-2012-2869
CVE-2012-2870
CVE-2012-2871
CVE-2012-2872
IMPACT ASSESSMENT:
High
Discussion:
Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.
1) An out-of-bounds read error exists when handling line breaks.
2) A bad cast error exists within run-ins.
3) A race condition error exists when handling XMLHttpRequest calls.
4) An error when loading URLs can be exploited to cause a stale buffer.
5) A bad cast error exists when handling XSL transforms.
6) An error when handling certain SSL data can be exploited to cause a cross-site scripting attack.
The vulnerabilities are reported in versions prior to 21.0.1180.89.
Impact:
Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions, and compromise a user's system.
Solution:
The vendor has issued a fix. Update to version 21.0.1180.89.