RETIRED: Google Chrome Prior to 25.0.1364.152 Multiple Security Vulnerabilities
BID:58291
Info
RETIRED: Google Chrome Prior to 25.0.1364.152 Multiple Security Vulnerabilities
| Bugtraq ID: | 58291 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 04 2013 12:00AM |
| Updated: | Apr 26 2013 09:20PM |
| Credit: | Chamal de Silva, chromium.khalil, Atte Kettunen of OUSPG, Chrome Security Team (Jüri Aedla), Andrew Scherkus of the Chromium development community, Egor Homakov, and Google Chrome Security Team (Chris Evans). |
| Vulnerable: |
Google Chrome 17.0.963 79 Google Chrome 17.0.963 65 Google Chrome 16.0.912 75 Google Chrome 15.0.874 102 Google Chrome 2.0.172 .43 Google Chrome 2.0.172 .37 Google Chrome 2.0.172 .33 Google Chrome 2.0.172 .31 Google Chrome 2.0.172 .30 Google Chrome 9.0.597.94 Google Chrome 9.0.597.84 Google Chrome 9.0.597.107 Google Chrome 8.0.552.344 Google Chrome 8.0.552.310 Google Chrome 8.0.552.309 Google Chrome 8.0.552.308 Google Chrome 8.0.552.307 Google Chrome 8.0.552.306 Google Chrome 8.0.552.305 Google Chrome 8.0.552.304 Google Chrome 8.0.552.303 Google Chrome 8.0.552.302 Google Chrome 8.0.552.301 Google Chrome 8.0.552.300 Google Chrome 8.0.552.237 Google Chrome 8.0.552.226 Google Chrome 8.0.552.225 Google Chrome 8.0.552.224 Google Chrome 8.0.552.223 Google Chrome 8.0.552.222 Google Chrome 8.0.552.221 Google Chrome 8.0.552.220 Google Chrome 8.0.552.219 Google Chrome 8.0.552.218 Google Chrome 8.0.552.217 Google Chrome 8.0.552.216 Google Chrome 8.0.552.215 Google Chrome 8.0.552.215 Google Chrome 8.0.552.214 Google Chrome 8.0.552.213 Google Chrome 8.0.552.212 Google Chrome 8.0.552.211 Google Chrome 8.0.552.210 Google Chrome 8.0.552.21 Google Chrome 8.0.552.209 Google Chrome 8.0.552.208 Google Chrome 8.0.552.207 Google Chrome 8.0.552.206 Google Chrome 8.0.552.205 Google Chrome 8.0.552.204 Google Chrome 8.0.552.203 Google Chrome 8.0.552.202 Google Chrome 8.0.552.201 Google Chrome 8.0.552.200 Google Chrome 8.0.552.20 Google Chrome 8.0.552.2 Google Chrome 8.0.552.19 Google Chrome 8.0.552.18 Google Chrome 8.0.552.17 Google Chrome 8.0.552.16 Google Chrome 8.0.552.15 Google Chrome 8.0.552.14 Google Chrome 8.0.552.13 Google Chrome 8.0.552.12 Google Chrome 8.0.552.11 Google Chrome 8.0.552.105 Google Chrome 8.0.552.104 Google Chrome 8.0.552.103 Google Chrome 8.0.552.102 Google Chrome 8.0.552.101 Google Chrome 8.0.552.100 Google Chrome 8.0.552.10 Google Chrome 8.0.552.1 Google Chrome 8.0.552.0 Google Chrome 8.0.551.1 Google Chrome 8.0.551.0 Google Chrome 8.0.550.0 Google Chrome 19.0.1084.52 Google Chrome 19 Google Chrome 18.0.1025.168 Google Chrome 18.0.1025.162 Google Chrome 18.0.1025.151 Google Chrome 18.0.1025.142 Google Chrome 17.0.963.83 Google Chrome 17.0.963.78 Google Chrome 17.0.963.60 Google Chrome 17.0.963.56 Google Chrome 17.0.963.46 Google Chrome 16.0.912.77 Google Chrome 16.0.912.75 Google Chrome 16.0.912.63 Google Chrome 16 Google Chrome 15.0.874.121 Google Chrome 15.0.874.120 Google Chrome 14.0.835.202 Google Chrome 14.0.835.186 Google Chrome 14.0.835.163 Google Chrome 14 Google Chrome 13.0.782.215 Google Chrome 13.0.782.112 Google Chrome 13.0.782.107 Google Chrome 13 Google Chrome 12.0.742.91 Google Chrome 12.0.742.112 Google Chrome 12.0.742.100 Google Chrome 12 Google Chrome 11.0.696.77 Google Chrome 11.0.696.71 Google Chrome 11.0.696.68 Google Chrome 11.0.696.65 Google Chrome 11.0.696.57 Google Chrome 11.0.696.43 Google Chrome 11.0.696.43 Google Chrome 11.0.672.2 Google Chrome 11 Google Chrome 10.0.648.205 Google Chrome 10.0.648.205 Google Chrome 10.0.648.205 Google Chrome 10.0.648.204 Google Chrome 10.0.648.133 Google Chrome 10.0.648.128 Google Chrome 10.0.648.127 Google Chrome 10.0.648.127 Google Chrome 10 |
| Not Vulnerable: | |
Discussion
RETIRED: Google Chrome Prior to 25.0.1364.152 Multiple Security Vulnerabilities
Google Chrome is prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, gain sensitive information, and bypass the same-origin policy; other attacks may also be possible.
Versions prior to Chrome 25.0.1364.152 are vulnerable.
This BID is being retired. The following individual records exist to better document the issues:
59515 WebKit 'FrameLoader::checkCompleted()' Function Use After Free Remote Code Execution Vulnerability
59516 Google Chrome CVE-2013-0903 Use After Free Remote Code Execution Vulnerability
59517 WebKit 'addChildNodesToDeletionQueue()' Function Use After Free Remote Code Execution Vulnerability
59519 Google Chrome CVE-2013-0907 Race Condition Denial of Service Vulnerability
59521 Google Chrome CVE-2013-0908 Unspecified Security Vulnerability
59522 Google Chrome CVE-2013-0909 Information Disclosure Vulnerability
59524 Google Chrome CVE-2013-0910 Security Bypass Vulnerability
59518 Google Chrome CVE-2013-0904 Memory Corruption Vulnerability
59520 Google Chrome CVE-2013-0906 Memory Corruption Vulnerability
59523 Google Chrome CVE-2013-0911 Directory Traversal Vulnerability
Google Chrome is prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, gain sensitive information, and bypass the same-origin policy; other attacks may also be possible.
Versions prior to Chrome 25.0.1364.152 are vulnerable.
This BID is being retired. The following individual records exist to better document the issues:
59515 WebKit 'FrameLoader::checkCompleted()' Function Use After Free Remote Code Execution Vulnerability
59516 Google Chrome CVE-2013-0903 Use After Free Remote Code Execution Vulnerability
59517 WebKit 'addChildNodesToDeletionQueue()' Function Use After Free Remote Code Execution Vulnerability
59519 Google Chrome CVE-2013-0907 Race Condition Denial of Service Vulnerability
59521 Google Chrome CVE-2013-0908 Unspecified Security Vulnerability
59522 Google Chrome CVE-2013-0909 Information Disclosure Vulnerability
59524 Google Chrome CVE-2013-0910 Security Bypass Vulnerability
59518 Google Chrome CVE-2013-0904 Memory Corruption Vulnerability
59520 Google Chrome CVE-2013-0906 Memory Corruption Vulnerability
59523 Google Chrome CVE-2013-0911 Directory Traversal Vulnerability
Exploit / POC
RETIRED: Google Chrome Prior to 25.0.1364.152 Multiple Security Vulnerabilities
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Some of these issues may be trivial to exploit and will not require specific exploit code.
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Some of these issues may be trivial to exploit and will not require specific exploit code.
Solution / Fix
RETIRED: Google Chrome Prior to 25.0.1364.152 Multiple Security Vulnerabilities
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
RETIRED: Google Chrome Prior to 25.0.1364.152 Multiple Security Vulnerabilities
References:
References:
- Google Chrome Homepage (Google)