User: Password:
|
|
Subscribe / Log in / New account

chromium-browser: multiple vulnerabilities

Package(s):chromium-browser CVE #(s):CVE-2011-2359 CVE-2011-2800 CVE-2011-2818
Created:September 12, 2011 Updated:September 15, 2011
Description: From the Debian advisory:

CVE-2011-2818: Use-after-free vulnerability in Google Chrome allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.

CVE-2011-2800: Google Chrome before allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site.

CVE-2011-2359: Google Chrome does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Alerts:
Debian DSA-2307-1 chromium-browser 2011-09-11

(Log in to post comments)

chromium-browser: multiple vulnerabilities

Posted Sep 15, 2011 7:12 UTC (Thu) by nix (subscriber, #2304) [Link]

Looks to me like two out of three of these vulns (i.e. all the vulns that are classic C security holes) are rendered harmless by Chromium's sandboxing.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds