FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

chromium -- multiple vulnerabilities

Affected packages
chromium < 18.0.1025.168

Details

VuXML ID 94c0ac4f-9388-11e1-b242-00262d5ed8ee
Discovery 2012-04-30
Entry 2012-05-01

Google Chrome Releases reports:

[106413] High CVE-2011-3078: Use after free in floats handling. Credit to Google Chrome Security Team (Marty Barbella) and independent later discovery by miaubiz.

[117627] Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie.

[121726] Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to Willem Pinckaers of Matasano.

[121899] High CVE-2011-3081: Use after free in floats handling. Credit to miaubiz.

[117110] High CVE-2012-1521: Use after free in xml parser. Credit to Google Chrome Security Team (SkyLined) and independent later discovery by wushi of team509 reported through iDefense VCP (V-874rcfpq7z).

[source]

References

CVE Name CVE-2011-3078
CVE Name CVE-2011-3079
CVE Name CVE-2011-3080
CVE Name CVE-2011-3081
CVE Name CVE-2012-1521
URL http://googlechromereleases.blogspot.com/search/label/Stable%20updates

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.