6 High-Severity Vulnerabilities Fixed with the Release of Chrome 25.0.1364.152

A total of 10 security holes have been addressed by Google

By on March 5th, 2013 08:29 GMT

Google has updated the stable channel of Chrome to 25.0.1364.152. The latest release addresses ten vulnerabilities, including 6 high-severity issues.

Two of the high-severity security holes – a use-after-free with SVG animations, and a memory corruption in Web Audio – have been identified by Atte Kettunen of OUSPG. For his findings, Google has awarded the researcher with $3,000 (2,300 EUR).

Other high-severity security flaws include a use-after-free in frame loader discovered by Chamal de Silva, and a use-after-free in browser navigation handling found by “chromium.khalil.”

Jüri Aedla, of the Google Chrome Security Team, has uncovered a possible path traversal in database handling and a memory corruption in Indexed DB, both being assessed as being high-risk vulnerabilities.

In addition to these security holes, three medium-severity issues have also been found by members of the Google Chrome Security Team and the Chromium development community.

Russian security expert Egor Homakov has reported a referer leakage with XSS Auditor.

Chrome for Windows is available for download here
Chrome for Mac is available for download here
Chrome for Linux is available for download here
10 vulnerabilities addressed in the latest Chrome 25
   10 vulnerabilities addressed in the latest Chrome 25
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments