Lucene search

K
chromeHttps://chromereleases.googleblog.comGCSA-3472158316402341635
HistoryMar 24, 2011 - 12:00 a.m.

Stable Channel Update

2011-03-2400:00:00
https://chromereleases.googleblog.com
chromereleases.googleblog.com
22

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

High

EPSS

0.022

Percentile

89.7%

The Chrome Stable and Beta channels have been updated to 10.0.648.204 for Windows, Mac, Linux and Chrome Frame. Included in this release is support for the password manager on Linux, performance and stability fixes, as well as the security fixes listed below.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

  • [$500] [72517] High CVE-2011-1291: Buffer error in base string handling. Credit to Alex Turpin.
  • [$1000] [73216] High CVE-2011-1292: Use-after-free in the frame loader. Credit to Sławomir Błażek.
  • [$2000] [73595] High CVE-2011-1293: Use-after-free in HTMLCollection. Credit to Sergey Glazunov.
  • [$1500] [74562] High CVE-2011-1294: Stale pointer in CSS handling. Credit to Sergey Glazunov.
  • [$2000] [74991] High CVE-2011-1295: DOM tree corruption with broken node parentage. Credit to Sergey Glazunov.
  • [$1500] [75170] High CVE-2011-1296: Stale pointer in SVG text handling. Credit to Sergey Glazunov.

_

The full list of changes is available from theSVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey

Google Chrome

_

Affected configurations

Vulners
Node
googlechromeRange<10.0.648.204
VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

High

EPSS

0.022

Percentile

89.7%