FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

chromium -- multiple vulnerabilities

Affected packages
chromium < 18.0.1025.151

Details

VuXML ID 057130e6-7f61-11e1-8a43-00262d5ed8ee
Discovery 2012-04-05
Entry 2012-04-05

Google Chrome Releases reports:

[106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping. Credit to miaubiz.

[117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to Sergey Glazunov.

[117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to miaubiz.

[117728] High CVE-2011-3069: Use-after-free in line box handling. Credit to miaubiz.

[118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to Google Chrome Security Team (SkyLined).

[118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).

[118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up window. Credit to Sergey Glazunov.

[118593] High CVE-2011-3073: Use-after-free in SVG resource handling. Credit to Arthur Gerkis.

[119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit to Slawomir Blazek.

[119525] High CVE-2011-3075: Use-after-free applying style command. Credit to miaubiz.

[120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to miaubiz.

[120189] Medium CVE-2011-3077: Read-after-free in script bindings. Credit to Google Chrome Security Team (Inferno).

References

CVE Name CVE-2011-3066
CVE Name CVE-2011-3067
CVE Name CVE-2011-3068
CVE Name CVE-2011-3069
CVE Name CVE-2011-3070
CVE Name CVE-2011-3071
CVE Name CVE-2011-3072
CVE Name CVE-2011-3073
CVE Name CVE-2011-3074
CVE Name CVE-2011-3075
CVE Name CVE-2011-3076
CVE Name CVE-2011-3077
URL http://googlechromereleases.blogspot.com/search/label/Stable%20updates