FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

chromium -- multiple vulnerabilities

Affected packages
chromium < 24.0.1312.56


VuXML ID 8d03202c-6559-11e2-a389-00262d5ed8ee
Discovery 2013-01-22
Entry 2013-01-23

Google Chrome Releases reports:

[151008] High CVE-2013-0839: Use-after-free in canvas font handling. Credit to Atte Kettunen of OUSPG.

[170532] Medium CVE-2013-0840: Missing URL validation when opening new windows.

[169770] High CVE-2013-0841: Unchecked array index in content blocking. Credit to Google Chrome Security Team (Chris Evans).

[166867] Medium CVE-2013-0842: Problems with NULL characters embedded in paths. Credit to Google Chrome Security Team (Jüri Aedla).


CVE Name CVE-2013-0839
CVE Name CVE-2013-0840
CVE Name CVE-2013-0841
CVE Name CVE-2013-0842