FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

chromium -- multiple vulnerabilities

Affected packages
chromium < 17.0.963.46

Details

VuXML ID fe1976c2-5317-11e1-9e99-00262d5ed8ee
Discovery 2012-02-08
Entry 2012-02-09

Google Chrome Releases reports:

[73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event. Credit to Daniel Cheng of the Chromium development community.

[92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to Collin Payne.

[93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit to David Grogan of the Chromium development community.

[103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside extensions. Credit to Devdatta Akhawe, UC Berkeley.

[104056] High CVE-2011-3957: Use-after-free in PDF garbage collection. Credit to Aki Helin of OUSPG.

[105459] High CVE-2011-3958: Bad casts with column spans. Credit to miaubiz.

[106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to Aki Helin of OUSPG.

[108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding. Credit to Aki Helin of OUSPG.

[108871] Critical CVE-2011-3961: Race condition after crash of utility process. Credit to Shawn Goertzen.

[108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit to Aki Helin of OUSPG.

[109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image handling. Credit to Atte Kettunen of OUSPG.

[109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to Code Audit Labs of VulnHunt.com.

[109664] Low CVE-2011-3965: Crash in signature check. Credit to Slawomir Blazek.

[109716] High CVE-2011-3966: Use-after-free in stylesheet error handling. Credit to Aki Helin of OUSPG.

[109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben Carrillo.

[109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to Arthur Gerkis.

[110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to Arthur Gerkis.

[110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to Aki Helin of OUSPG.

[110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit to Arthur Gerkis.

[110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator. Credit to Google Chrome Security Team (Inferno).

References

CVE Name CVE-2011-3953
CVE Name CVE-2011-3954
CVE Name CVE-2011-3955
CVE Name CVE-2011-3956
CVE Name CVE-2011-3957
CVE Name CVE-2011-3958
CVE Name CVE-2011-3959
CVE Name CVE-2011-3960
CVE Name CVE-2011-3961
CVE Name CVE-2011-3962
CVE Name CVE-2011-3963
CVE Name CVE-2011-3964
CVE Name CVE-2011-3965
CVE Name CVE-2011-3966
CVE Name CVE-2011-3967
CVE Name CVE-2011-3968
CVE Name CVE-2011-3969
CVE Name CVE-2011-3970
CVE Name CVE-2011-3971
CVE Name CVE-2011-3972
URL http://googlechromereleases.blogspot.com/search/label/Stable%20updates