Google Patches 13 Flaws in Chrome 19

Just a few days after releasing Chrome 19, Google has updated the browser again, fixing 13 vulnerabilities, including two critical bugs.

The two critical vulnerabilities that Google fixed in Chrome 19 are a use-after-free flaw in the browser cache and a memory corruption problem in the browser’s use of websockets over SSL. There also are nine high-severity vulnerabilities fixed in the latest version of the browser. The company paid out nearly $5,000 in rewards to researchers who reported vulnerabilities to Google as part of its bug bounty program.

The full list of bugs fixed in Chrome 19:

• [117409] High** CVE-2011-3103: Crashes in v8 garbage collection. Credit to the Chromium development community (Brett Wilson).** * [118018] MediumCVE-2011-3104: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno). * [$1000] [120912] HighCVE-2011-3105: Use-after-free in first-letter handling. Credit to miaubiz.
• [122654] Critical** **CVE-2011-3106: Browser memory corruption with websockets over SSL. Credit to the Chromium development community (Dharani Govindan).
• [124625] High** **CVE-2011-3107: Crashes in the plug-in JavaScript bindings. Credit to the Chromium development community (Dharani Govindan).
• [$1337] [125159] Critical** **CVE-2011-3108: Use-after-free in browser cache. Credit to “efbiaiinzinz”.
• [Linux only] [$1000] [126296] High** **CVE-2011-3109: Bad cast in GTK UI. Credit to Micha Bartholomé.
• [126337] [126343] [126378] [127349] [127819] [127868] High** **CVE-2011-3110: Out of bounds writes in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
• [$500] [126414] Medium** **CVE-2011-3111: Invalid read in v8. Credit to Christian Holler.
• [127331] High** **CVE-2011-3112: Use-after-free with invalid encrypted PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
• [127883] High** **CVE-2011-3113: Invalid cast with colorspace handling in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
• [128014] High** **CVE-2011-3114: Buffer overflows with PDF functions. Credit to Google Chrome Security Team (scarybeasts).
• [$1000] [128018] High** **CVE-2011-3115: Type corruption in v8. Credit to Christian Holler.