Google Chrome Multiple Denial Of Service Vulnerabilities - January12 (Linux) Network Vulnerability

Summary

The host is installed with Google Chrome and is prone to multiple denial of service vulnerabilities.

Impact

Successful exploitation could allow attackers to execute arbitrary code, cause a denial of service. Impact Level: Application

Solution

Upgrade to the Google Chrome 16.0.912.75 or later, For updates refer to http://www.google.com/chrome

Insight

Multiple flaws are due to, - A use-after-free error when the handling of animation frames. - A boundary error within the 'xmlStringLenDecodeEntities()' function of libxml2 - A stack based buffer overflow error in glyph handling.

Affected

Google Chrome version prior to 16.0.912.75 on Linux

References

http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html
http://secunia.com/advisories/47449/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3919, CVE-2011-3921, CVE-2011-3922
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AnalogX SimpleServer:WWW DoS
Apache httpd Web Server Range Header Denial of Service Vulnerability
Apple Safari Multiple Vulnerabilities June-09 (Win) - I
Apple QuickTime Multiple Vulnerabilities - Jan09 (Win)
3com switch2hub

Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Linux)

Take action and discover your vulnerabilities