Google Chrome < 15.0.874.102 Multiple Vulnerabilities

2011-10-2600:00:00

Tenable

www.tenable.com

Versions of Google Chrome earlier than 15.0.874.102 are affected by multiple vulnerabilities :

Several URL bar spoofing errors exist related to history handling and drag-and-drop of URLs. (CVE-2011-28245, CVE-2011-3875)
Whitespace is stripped from the end of download filenames. (CVE-2011-3876)
A cross-site scripting issue exists related to the appcache internals page. (CVE-2011-3877)
A race condition exists related to working process initialization. (CVE-2011-3878)
An error exists related to redirection to chrome scheme URIs. (CVE-2011-3879)
Unspecified special characters may be used as delimiters in HTTP headers. (CVE-2011-3880)
Several cross-origin policy violation issues exist. (CVE-2011-3881)
Several use-after-free errors exist related to media buffer handling, counter handling, stale styles, plugins and editing, and video source handling. (CVE-2011-3882, CVE-2011-3883, CVE-2011-3885, CVE-2011-3888, CVE-2011-3890)
Timing issues exist related to DOM traversal. (CVE-2011-3884)
An out-of-bounds write error exists in the V8 JavaScript engine. (CVE-2011-3886)
Cookie theft is possible via JavaScript URIs. (CVE-2011-3887)
A heap overflow issue exists related to Web Audio. (CVE-2011-3889)
Functions internal to the V8 JavaScript engine are exposed. (CVE-2011-3891)

Binary data 6050.pasl

VendorProductVersionCPE
googlechromecpe:/a:google:chrome

Vendor	Product	Version	CPE
google	chrome		cpe:/a:google:chrome

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2845

googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html

Related for 6050.PASL