{"id":6776,"date":"2012-04-06T10:32:47","date_gmt":"2012-04-06T17:32:47","guid":{"rendered":"http:\/\/blog.webroot.com\/?p=6776"},"modified":"2018-01-30T12:23:50","modified_gmt":"2018-01-30T19:23:50","slug":"googles-chrome-patches-12-high-risk-security-vulnerabilities","status":"publish","type":"post","link":"https://www.webroot.com/blog/2012\/04\/06\/googles-chrome-patches-12-high-risk-security-vulnerabilities\/","title":{"rendered":"Google&#8217;s Chrome patches 12 &#8216;high risk&#8217; security vulnerabilities"},"content":{"rendered":"<p><a href=\"http:\/\/webrootblog.files.wordpress.com\/2012\/04\/google_chrome_logo.jpg\"><img decoding=\"async\" loading=\"lazy\" class=\"alignleft  wp-image-6780\" title=\"Google_Chrome_Logo\" src=\"http:\/\/webrootblog.files.wordpress.com\/2012\/04\/google_chrome_logo.jpg\" alt=\"\" width=\"120\" height=\"120\" \/><\/a>Yesterday, Google <a href=\"http:\/\/googlechromereleases.blogspot.com\/2012\/04\/stable-and-beta-channel-updates.html\"><strong>updated its Chrome browser to\u00a018.0.1025.151<\/strong><\/a> on Windows, Mac, Linux and Chrome Frame.<\/p>\n<p>Next to patching multiple usability bugs, the latest update has also patched numerous vulnerabilities reported through \u00a0Google&#8217;s security bugs bounty program.<\/p>\n<p>More details:<\/p>\n<p><!--more--><\/p>\n<p>The following &#8216;high risk&#8217; security flaws were patched:<\/p>\n<ul>\n<li>[106577] [$500]\u00a0Medium <a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-3066\"><strong>CVE-2011-3066<\/strong><\/a>: Out-of-bounds read in Skia clipping. Credit to miaubiz.<\/li>\n<li>[117583] Medium <a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-3067\"><strong>CVE-2011-3067<\/strong><\/a>: Cross-origin iframe replacement. Credit to Sergey Glazunov.<\/li>\n<li>[117698] [$1000]\u00a0High <a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-3068\"><strong>CVE-2011-3068<\/strong><\/a>: Use-after-free in run-in handling. Credit to miaubiz.<\/li>\n<li>[117728] [$1000]\u00a0High <a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-3069\"><strong>CVE-2011-3069<\/strong><\/a>: Use-after-free in line box handling. Credit to miaubiz.<\/li>\n<li>[118185] High <a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-3070\"><strong>CVE-2011-3070<\/strong><\/a>: Use-after-free in v8 bindings. Credit to Google Chrome Security Team (SkyLined).<\/li>\n<li>[118273] High <a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-3071\"><strong>CVE-2011-3071<\/strong><\/a>: Use-after-free in HTMLMediaElement. Credit to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).<\/li>\n<li>[118467] Low <a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-3072\"><strong>CVE-2011-3072<\/strong><\/a>: Cross-origin violation parenting pop-up window. Credit to Sergey Glazunov.<\/li>\n<li>[118593] [$1000]\u00a0High <a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-3073\"><strong>CVE-2011-3073<\/strong><\/a>: Use-after-free in SVG resource handling. Credit to Arthur Gerkis.<\/li>\n<li>[119281] [$500]\u00a0Medium <a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-3074\"><strong>CVE-2011-3074<\/strong><\/a>: Use-after-free in media handling. Credit to S\u0142awomir B\u0142a\u017cek.<\/li>\n<li>[119525] [$1000]\u00a0High <a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-3075\"><strong>CVE-2011-3075<\/strong><\/a>: Use-after-free applying style command. Credit to miaubiz.<\/li>\n<li>[120037] [$1000]\u00a0High <a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-3076\"><strong>CVE-2011-3076<\/strong><\/a>: Use-after-free in focus handling. Credit to miaubiz.<\/li>\n<li>[120189] Medium <a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-3077\"><strong>CVE-2011-3077<\/strong><\/a>: Read-after-free in script bindings. Credit to Google Chrome Security Team (Inferno).<\/li>\n<\/ul>\n<p>The latest version of Chrome, also includes the latest version of the recently patched Adobe Flash Player.<\/p>\n<p>Webroot advises end and corporate users to update to the latest version\u00a0immediately.<\/p>\n<p><em>You can find more about Dancho Danchev at his\u00a0<strong><a href=\"http:\/\/nl.linkedin.com\/in\/danchodanchev\">LinkedIn Profile<\/a><\/strong>. You can also\u00a0<strong><a href=\"http:\/\/www.twitter.com\/danchodanchev\">follow him on \u00a0Twitter<\/a><\/strong>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Yesterday, Google updated its Chrome browser to\u00a018.0.1025.151 on Windows, Mac, Linux and Chrome Frame. Next to patching multiple usability bugs, the latest update has also patched numerous vulnerabilities reported through \u00a0Google&#8217;s security bugs bounty program. More details:<\/p>\n","protected":false},"author":65,"featured_media":17048,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3005],"tags":[],"yst_prominent_words":[10601,3853,10593,10585,10589,10581,10573,10575,10587,10579,9741,10583,10577,5755,10599,3479,10595,10591,10597,3471],"acf":[],"_links":{"self":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/6776"}],"collection":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/users\/65"}],"replies":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/comments?post=6776"}],"version-history":[{"count":1,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/6776\/revisions"}],"predecessor-version":[{"id":19187,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/6776\/revisions\/19187"}],"wp:featuredmedia":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media\/17048"}],"wp:attachment":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media?parent=6776"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/categories?post=6776"},{"taxonomy":"post_tag","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/tags?post=6776"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/yst_prominent_words?post=6776"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}