chromium -- multiple vulnerabilities

2014-05-20T00:00:00
ID 64F3872B-E05D-11E3-9DD4-00262D5ED8EE
Type freebsd
Reporter FreeBSD
Modified 2014-05-20T00:00:00

Description

Google Chrome Releases reports:

23 security fixes in this release, including:

[356653] High CVE-2014-1743: Use-after-free in styles. Credit to cloudfuzzer. [359454] High CVE-2014-1744: Integer overflow in audio. Credit to Aaron Staple. [346192] High CVE-2014-1745: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG. [364065] Medium CVE-2014-1746: Out-of-bounds read in media filters. Credit to Holger Fuhrmannek. [330663] Medium CVE-2014-1747: UXSS with local MHTML file. Credit to packagesu. [331168] Medium CVE-2014-1748: UI spoofing with scrollbar. Credit to Jordan Milne. [374649] CVE-2014-1749: Various fixes from internal audits, fuzzing and other initiatives. [358057] CVE-2014-3152: Integer underflow in V8 fixed in version 3.25.28.16.