Chrome 35 Fixes 23 Security Flaws

2014-05-20T14:11:21
ID THREATPOST:BE295CCB6FC1FBBC4D99DAD78F09067A
Type threatpost
Reporter Dennis Fisher
Modified 2014-05-20T18:11:21

Description

Google has fixed 23 security vulnerabilities in Chrome, including three high-risk flaws, and handed out $9,500 in rewards to researchers.

Among the vulnerabilities that the company fixed in Chrome 35 are use-after-free flaws and an integer overflow, all of which are rated high. Google didn’t disclose the details of all of the various security vulnerabilities, but of the eight that it listed in its advisory, those three are the most serious.

The full list of vulnerabilities patched in Chrome 35 will be published later, but here are the ones that Google has published and received bug bounties:

[$3000][**356653] High **CVE-2014-1743: Use-after-free in styles. Credit to cloudfuzzer.

[$3000][**359454] High **CVE-2014-1744: Integer overflow in audio. Credit to Aaron Staple.

[$1000][**346192] High **CVE-2014-1745: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG.

[$1000][**364065] Medium **CVE-2014-1746: Out-of-bounds read in media filters. Credit to Holger Fuhrmannek.

[$1000][**330663] Medium **CVE-2014-1747: UXSS with local MHTML file. Credit to packagesu.

[$500][331168] Medium CVE-2014-1748: UI spoofing with scrollbar. Credit to Jordan Milne.

Users running Chrome should upgrade as soon as possible in order to avoid attacks against these flaws.