FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

chromium -- multiple vulnerabilities

Affected packages
chromium < 25.0.1364.152


VuXML ID 40d5ab37-85f2-11e2-b528-00262d5ed8ee
Discovery 2013-03-04
Entry 2013-03-06

Google Chrome Releases reports:

[176882] High CVE-2013-0902: Use-after-free in frame loader. Credit to Chamal de Silva.

[176252] High CVE-2013-0903: Use-after-free in browser navigation handling. Credit to "chromium.khalil".

[172926] [172331] High CVE-2013-0904: Memory corruption in Web Audio. Credit to Atte Kettunen of OUSPG.

[168982] High CVE-2013-0905: Use-after-free with SVG animations. Credit to Atte Kettunen of OUSPG.

[174895] High CVE-2013-0906: Memory corruption in Indexed DB. Credit to Google Chrome Security Team (Juri Aedla).

[174150] Medium CVE-2013-0907: Race condition in media thread handling. Credit to Andrew Scherkus of the Chromium development community.

[174059] Medium CVE-2013-0908: Incorrect handling of bindings for extension processes.

[173906] Low CVE-2013-0909: Referer leakage with XSS Auditor. Credit to Egor Homakov.

[172573] Medium CVE-2013-0910: Mediate renderer -> browser plug-in loads more strictly. Credit to Google Chrome Security Team (Chris Evans).

[172264] High CVE-2013-0911: Possible path traversal in database handling. Credit to Google Chrome Security Team (Juri Aedla).


CVE Name CVE-2013-0902
CVE Name CVE-2013-0903
CVE Name CVE-2013-0904
CVE Name CVE-2013-0905
CVE Name CVE-2013-0906
CVE Name CVE-2013-0907
CVE Name CVE-2013-0908
CVE Name CVE-2013-0909
CVE Name CVE-2013-0910
CVE Name CVE-2013-0911