VuXML: chromium -- multiple vulnerabilities

VuXML ID	ae651a4b-0a42-11e3-ba52-00262d5ed8ee
Discovery	2013-08-20
Entry	2013-08-21

Google Chrome Releases reports:

25 security fixes in this release, including:

[181617] High CVE-2013-2900: Incomplete path sanitization in file handling. Credit to Krystian Bigaj.

[254159] Low CVE-2013-2905: Information leak via overly broad permissions on shared memory files. Credit to Christian Jaeger.

[257363] High CVE-2013-2901: Integer overflow in ANGLE. Credit to Alex Chapman.

[260105] High CVE-2013-2902: Use after free in XSLT. Credit to cloudfuzzer.

[260156] High CVE-2013-2903: Use after free in media element. Credit to cloudfuzzer.

[260428] High CVE-2013-2904: Use after free in document parsing. Credit to cloudfuzzer.

[274602] CVE-2013-2887: Various fixes from internal audits, fuzzing and other initiatives (Chrome 29).

[source]

CVE Name	CVE-2013-2887
CVE Name	CVE-2013-2900
CVE Name	CVE-2013-2901
CVE Name	CVE-2013-2902
CVE Name	CVE-2013-2903
CVE Name	CVE-2013-2904
CVE Name	CVE-2013-2905
URL	http://googlechromereleases.blogspot.nl/

chromium -- multiple vulnerabilities

Details

References