반응형
구글에서 제공하는 오픈소스 기반 브라우저인 크롬(Google Chrome)의 업데이트가 공개되었다.
이번 업데이트에서는 14건의 High 등급, 5건의 Medium 등급 3건의 Low 등급 등 총 21건의 보안 취약점이 보안되었다.
■ Low CVE-2012-2815 : Leak of iframe fragment id. Credit to Elie Bursztein of Google
■ High CVE-2012-2816 : Prevent sandboxed processes interfering with each other. Credit to Google Chrome Security Team (Windows only)
■ High CVE-2012-2817 : Use-after-free in table section handling. Credit to miaubiz
■ High CVE-2012-2818 : Use-after-free in counter layout. Credit to miaubiz
■ High CVE-2012-2819 : Crash in texture handling. Credit to Ken "gets" Russell of the Chromium development community
■ Medium CVE-2012-2820 : Out-of-bounds read in SVG filter handling. Credit to Atte Kettunen of OUSPG
■ Medium CVE-2012-2821 : Autofill display problem. Credit to "simonbrown60"
■ Medium CVE-2012-2822 : Misc. lower severity OOB read issues in PDF. Credit to awesome ASAN and various
Googlers
Googlers
■ High CVE-2012-2823 : Use-after-free in SVG resource handling. Credit to miaubiz
■ High CVE-2012-2824 : Use-after-free in SVG painting. Credit to miaubiz
■ Medium CVE-2012-2826 : Out-of-bounds read in texture conversion. Credit to Google Chrome Security Team
■ Low CVE-2012-2827 : Use-after-free in Mac UI. Credit to the Chromium development community (Mac only)
■ High CVE-2012-2828 : Integer overflows in PDF. Credit to Mateusz Jurczyk of Google Security Team and Google Chrome Security Team
■ High CVE-2012-2829 : Use-after-free in first-letter handling. Credit to miaubiz
■ High CVE-2012-2830 : Wild pointer in array value setting. Credit to miaubiz
■ Low CVE-2012-2764 : Unqualified load of metro DLL. Credit to Moshe Zioni of Comsec Consulting (Windows only)
■ High CVE-2012-2831 : Use-after-free in SVG reference handling. Credit to miaubiz
■ High CVE-2012-2832 : Uninitialized pointer in PDF image codec. Credit to Mateusz Jurczyk of Google Security Team
■ High CVE-2012-2833 : Buffer overflow in PDF JS API. Credit to Mateusz Jurczyk of Google Security Team
■ High CVE-2012-2834 : Integer overflow in Matroska container. Credit to Juri Aedla
■ Medium CVE-2012-2825 : Wild read in XSL handling. Credit to Nicholas Gregoire
■ High CVE-2012-2807 : Integer overflows in libxml. Credit to Juri Aedla (64-bit Linux only)
크롬을 사용하시는 분들은 업데이트 하여 사용하시길~!!
'IT 보안소식' 카테고리의 다른 글
주말 변조사이트로 인한 "Trojan.JS.QRG(search.htm)" 주의!! (6) | 2012.06.30 |
---|---|
"가짜 NH농협 인터넷뱅킹 피싱(nhkbbank.com)사이트" 를 이용한 개인정보 유출 주의 (2012-06-27) (0) | 2012.06.27 |
알툴즈(altools), 개인정보를 위한 가입 된 주민등록번호 삭제 방법 (0) | 2012.06.26 |
한RSS, 신규 포스트가 수집되지 않는 문제로 인하여 긴급 임시점검 실시!! (2) | 2012.05.26 |
애플(Apple), iOS 5.1.1 완전탈옥툴 "Absinthe 2.0" 다운로드 페이지!! (6) | 2012.05.24 |
댓글