Lucene search

K
chromeHttps://chromereleases.googleblog.comGCSA-2743358659699521893
HistoryOct 04, 2011 - 12:00 a.m.

Stable Channel Update

2011-10-0400:00:00
https://chromereleases.googleblog.com
chromereleases.googleblog.com
6

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.2%

The Stable channel has been updated to 14.0.835.202 for Windows, Mac, Linux, and Chrome Frame. This release contains Adobe Flash Player 11, along with the stability and security fixes listed below.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

  • [$1000] [93788] High CVE-2011-2876: Use-after-free in text line box handling. Credit to miaubiz.
  • [$1000] [95072] High CVE-2011-2877: Stale font in SVG text handling. Credit to miaubiz.
  • [$2000] [95671] High CVE-2011-2878: Inappropriate cross-origin access to the window prototype. Credit to Sergey Glazunov.
  • [96150] High CVE-2011-2879: Lifetime and threading issues in audio node handling. Credit to Google Chrome Security Team (Inferno).
  • [$4500] [97451] [97520] [97615] High CVE-2011-2880: Use-after-free in the v8 bindings. Credit to Sergey Glazunov.
  • [$1500] [97784] High CVE-2011-2881: Memory corruption with v8 hidden objects. Credit to Sergey Glazunov.
  • [98089] Critical CVE-2011-3873: Memory corruption in shader translator. Credit to Zhenyao Mo of the Chromium development community.
    Full details about what changes have been made in this release are available in the SVN revision log. Interested in switching to another channel? Find out how. If you find a new issue, please let us know by filing a bug.

Jason Kersey
Google Chrome

Affected configurations

Vulners
Node
googlechromeRange<14.0.835.202
CPENameOperatorVersion
google chromelt14.0.835.202

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.2%