
  1. #1
    sulasno (Super Moderator; Join Date: Sep 2008; Location: Bangkok; Posts: 1,759)

    Google Chrome 2.0.172.37 has been released to the Beta and Stable channels

    Google Chrome 2.0.172.37 has been released to the Beta and Stable channels. This release fixes some minor bugs:

    Fix: Solving captcha images broken at orkut.com. (Issue 15569)
    Make forward/backward navigation work even when redirection is involved. (Issue 9663, issue 10531)
    Fix: Daylight savings time not recognized for some CET locales. (Issue 12579)
    Fix a browser crash on closing a URL request. (Issue 8942)
    Update the V8 JavaScript engine to version 1.1.10.14 to fix issues with regular expressions.
    Update Gears to the latest release, 0.5.25.0.

    In addition, this release fixes the following security issues:

    Heap overflow with JavaScript regular expressions

    Evaluating a specially-crafted regular expression in JavaScript on a web page can lead to memory corruption and possibly a heap overflow. Visiting a maliciously crafted website may lead to a renderer (tab) crash or arbitrary code execution in the Google Chrome sandbox.

    More info: http://code.google.com/p/chromium/is...etail?id=14719 (This issue will be made public once a majority of users are up to date with the fix.)

    Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.

    Credit: This issue was found by the Google Chrome security team.

    Mitigations:
    A victim would need to visit a page under an attacker's control.
    Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.


    Memory corruption in the browser process

    A compromised renderer (tab) process could cause the browser process to allocate very large memory buffers. This error could cause the browser process (and all tabs) to crash or possibly allow arbitrary code execution with the privileges of the logged on user. To exploit this vulnerability, an attacker would need to be able to run arbitrary code inside the renderer process.

    Severity: Critical. In conjunction with a vulnerability allowing arbitrary code to run in the renderer, an attacker might be able to run code with the privileges of the logged on user.

    Credit: This issue was found by the Google Chrome security team.

    Mitigations:
    A victim would need to visit a page under an attacker's control.
    The attacker must exploit a second vulnerability to control the renderer process.

  2. #2
    Waha (Senior Member; Join Date: Apr 2009; Location: Oregon; Posts: 788)


    Overflow attacks are so fancy. O: Wish I knew what to look for to find some in stuff.
    ~ Projects ~
    Specialized: Carapass Auction Watcher, Kongregate Chat
    Libraries: bliplib
    Tools: manifest syntax highlighting & snippits
    ~ Happy to make extensions for pay too ;D ~
    Portfolio: Search and Share
