chromium -- multiple vulnerabilities

2012-02-08T00:00:00
ID FE1976C2-5317-11E1-9E99-00262D5ED8EE
Type freebsd
Reporter FreeBSD
Modified 2012-02-08T00:00:00

Description

Google Chrome Releases reports:

[73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event. Credit to Daniel Cheng of the Chromium development community. [92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to Collin Payne. [93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit to David Grogan of the Chromium development community. [103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside extensions. Credit to Devdatta Akhawe, UC Berkeley. [104056] High CVE-2011-3957: Use-after-free in PDF garbage collection. Credit to Aki Helin of OUSPG. [105459] High CVE-2011-3958: Bad casts with column spans. Credit to miaubiz. [106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to Aki Helin of OUSPG. [108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding. Credit to Aki Helin of OUSPG. [108871] Critical CVE-2011-3961: Race condition after crash of utility process. Credit to Shawn Goertzen. [108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit to Aki Helin of OUSPG. [109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image handling. Credit to Atte Kettunen of OUSPG. [109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to Code Audit Labs of VulnHunt.com. [109664] Low CVE-2011-3965: Crash in signature check. Credit to Slawomir Blazek. [109716] High CVE-2011-3966: Use-after-free in stylesheet error handling. Credit to Aki Helin of OUSPG. [109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben Carrillo. [109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to Arthur Gerkis. [110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to Arthur Gerkis. [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to Aki Helin of OUSPG. [110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit to Arthur Gerkis. [110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator. Credit to Google Chrome Security Team (Inferno).