FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

chromium -- multiple vulnerabilities

Affected packages
chromium < 17.0.963.56


VuXML ID 2f5ff968-5829-11e1-8288-00262d5ed8ee
Discovery 2012-02-15
Entry 2012-02-15

Google Chrome Releases reports:

[105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to Google Chrome Security Team (scarybeasts).

[106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit to miaubiz.

[108695] High CVE-2011-3017: Possible use-after-free in database handling. Credit to miaubiz.

[110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to Aki Helin of OUSPG.

[110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the Google Security Team.

[111575] Medium CVE-2011-3020: Native client validator error. Credit to Nick Bray of the Chromium development community.

[111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to Arthur Gerkis.

[112236] Medium CVE-2011-3022: Inappropriate use of http for translation script. Credit to Google Chrome Security Team (Jorge Obes).

[112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit to pa_kt.

[112451] Low CVE-2011-3024: Browser crash with empty x509 certificate. Credit to chrometot.

[112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit to Slawomir Blazek.

[112822] High CVE-2011-3026: Integer overflow / truncation in libpng. Credit to Juri Aedla.

[112847] Medium CVE-2011-3027: Bad cast in column handling. Credit to miaubiz.


CVE Name CVE-2011-3015
CVE Name CVE-2011-3016
CVE Name CVE-2011-3017
CVE Name CVE-2011-3018
CVE Name CVE-2011-3019
CVE Name CVE-2011-3020
CVE Name CVE-2011-3021
CVE Name CVE-2011-3022
CVE Name CVE-2011-3023
CVE Name CVE-2011-3024
CVE Name CVE-2011-3025
CVE Name CVE-2011-3026
CVE Name CVE-2011-3027