|
|
|
|
| |
Credit:
The information has been provided by Chamal de Silva, pawlkt, Michal Zalewski, Cris Neckar .
The original article can be found at: http://googlechromereleases.blogspot.in/2012/12/stable-channel-update.html
|
| |
Vulnerable Systems:
* Google Chrome Prior to 23.0.1271.9
CVE-2012-5139:Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events.
CVE-2012-5140:Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader.
CVE-2012-5141:Google Chrome before 23.0.1271.97 does not properly restrict instantiation of the Chromoting client plug-in, which has unspecified impact and attack vectors.
CVE-2012-5142:Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
CVE-2012-5143:Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers.
CVE-2012-5144:Google Chrome before 23.0.1271.97 does not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via unknown vectors.
CVE Information:
CVE-2012-5139
CVE-2012-5140
CVE-2012-5141
CVE-2012-5142
CVE-2012-5143
CVE-2012-5144
Disclosure Timeline:
Published: December 11 2012
|
|
|
|
|
