Monthly Archive: January 2013

Google Chrome before 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors. Date...

Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory. Date published :...

Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds...

Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data. Date published : 2013-01-15 http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html https://code.google.com/p/chromium/issues/detail?id=165430

Integer overflow in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code in a PDF document. Date published : 2013-01-15...

Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving seek operations on video data. Date published : 2013-01-15...

Integer overflow in the audio IPC layer in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Date published : 2013-01-15...

The hyphenation functionality in Google Chrome before 24.0.1312.52 does not properly validate file names, which has unspecified impact and attack vectors. Date published : 2013-01-15 http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html https://code.google.com/p/chromium/issues/detail?id=167122

Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. Date published : 2013-01-15 http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html https://code.google.com/p/chromium/issues/detail?id=165864

Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL. Date published : 2013-01-15 http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html https://code.google.com/p/chromium/issues/detail?id=165622

Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG layout. Date published : 2013-01-15 http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html https://code.google.com/p/chromium/issues/detail?id=162494

Google Chrome before 24.0.1312.52 on Linux uses weak permissions for shared memory segments, which has unspecified impact and attack vectors. Date published : 2013-01-15 http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html https://code.google.com/p/chromium/issues/detail?id=143859

Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of extension tabs. Date published : 2013-01-15 http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html https://code.google.com/p/chromium/issues/detail?id=145363

Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, does not properly implement garbage collection, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other...