Google Chrome 5.0.375.127 updates fix multiple Security Vulnerabilities

Source: Internet
Author: User

Release date: 2010-08-19
Updated on: 2010-08-25

Affected Systems:
Google Chrome 5.0
Unaffected system:
Google Chrome 5.0.375.127
Description:
--------------------------------------------------------------------------------
Bugtraq id: 42571
Cve id: CVE-2010-3111, CVE-2010-3112, CVE-2010-3113, CVE-2010-3114, CVE-2010-3115, CVE-2010-3116, CVE-2010-3117, CVE-2010-3118, CVE-2010-3119

Google Chrome is an open-source WEB browser released by Google.

Chrome 5.0.375.127 updates fix multiple security vulnerabilities. malicious web pages may cause denial of service, leakage of sensitive information, or full intrusion into the user system.

CVE-2010-3120

Chrome does not correctly implement the Geolocation function. Remote attackers can cause denial of service or execute arbitrary code.

CVE-2010-3119

Chrome does not correctly support the Ruby language. Remote attackers can cause denial of service or execute arbitrary code.

CVE-2010-3118

The automatic suggestion function implemented by Omnibox does not take password into account. Remote attackers can obtain sensitive information by reading the network communication generated by this function.

CVE-2010-3117

Chrome does not correctly implement the notification function. Remote attackers can cause denial of service or execute arbitrary code.

CVE-2010-3116

Chrome does not properly process MIME types. Remote attackers can cause denial-of-service attacks or execute arbitrary code.

CVE-2010-3115

Chrome does not properly implement the history function. Remote attackers can fool the address bar.

CVE-2010-3114

The text editing Implementation of Chrome does not correctly execute the assignment.

CVE-2010-3113

Chrome does not properly process SVG documents. Remote attackers can cause denial-of-service attacks or execute arbitrary code.

CVE-2010-3112

Chrome does not correctly implement the file dialog box. Remote attackers can cause denial of service or execute arbitrary code.

CVE-2010-3111

Chrome does not properly mitigate a vulnerability in the Windows Kernel.

<* Source: Sergey glaz.pdf
Wooshi@gmail.com (wushi)
Mike Taylor

Link: http://secunia.com/advisories/41014/
Http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Google
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.google.com

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.