
System compromise
Vulnerability: System compromise in Google Chrome
Danger: High
Patch: Yes
Number of vulnerabilities: 5
CVE ID: CVE-2012-5130
CVE-2012-5131
CVE-2012-5132
CVE-2012-5133
CVE-2012-5134
CVE-2012-5135
CVE-2012-5136
Vector of operation: Remote
Impact: System Compromise
Affected products: Google Chrome 23.x
Affected versions: Google Chrome to version 23.0.1271.91.
Description:
The vulnerability allows a remote user to execute arbitrary code on the target system.
1. An error in the use of post-liberation SVG-filters. This can be exploited to compromise a vulnerable system.
2. An error in reading outside the buffer Skia. This can be exploited to compromise a vulnerable system.
3. An error in LibXML. This can be exploited to compromise a vulnerable system.
4. An error in the use of post-liberation in the exercise of press. This can be exploited to compromise a vulnerable system.
5. An error in determining the type of the variable. This can be exploited to compromise a vulnerable system.
Manufacturer URL: https://www.google.com/intl/ru/chrome/browser/
Solution: Install the latest version 23.0.1271.91 from the manufacturer.
Links:
http://googlechromereleases.blogspot.dk/2012/11/stable-channel-update.html