본문 바로가기
IT 보안소식

구글 크롬(Google Chrome), 20.0.1132.43 업데이트!!

by 잡다한 처리 2012. 6. 27.
반응형



구글에서 제공하는 오픈소스 기반 브라우저인 
크롬(Google Chrome)의 업데이트가 공개되었다.


이번 업데이트에서는 14건의 High 등급, 5건의 Medium 등급 3건의 Low 등급 등 총 21건의 보안 취약점이 보안되었다.

Low CVE-2012-2815 : Leak of iframe fragment id. Credit to Elie Bursztein of Google
 
High CVE-2012-2816 : Prevent sandboxed processes interfering with each other. Credit to Google Chrome Security Team (Windows only)
 
■ High CVE-2012-2817 : Use-after-free in table section handling. Credit to miaubiz
 
■ High CVE-2012-2818 : Use-after-free in counter layout. Credit to miaubiz
 
High CVE-2012-2819 : Crash in texture handling. Credit to Ken "gets" Russell of the Chromium development community
 
Medium CVE-2012-2820 : Out-of-bounds read in SVG filter handling. Credit to Atte Kettunen of OUSPG
 
Medium CVE-2012-2821 : Autofill display problem. Credit to "simonbrown60"
 
Medium CVE-2012-2822 : Misc. lower severity OOB read issues in PDF. Credit to awesome ASAN and various
Googlers
 
High CVE-2012-2823 : Use-after-free in SVG resource handling. Credit to miaubiz
 
High CVE-2012-2824 : Use-after-free in SVG painting. Credit to miaubiz
 
Medium CVE-2012-2826 : Out-of-bounds read in texture conversion. Credit to Google Chrome Security Team 
 
Low CVE-2012-2827 : Use-after-free in Mac UI. Credit to the Chromium development community (Mac only)
 
High CVE-2012-2828 : Integer overflows in PDF. Credit to Mateusz Jurczyk of Google Security Team and Google Chrome Security Team
 
High CVE-2012-2829 : Use-after-free in first-letter handling. Credit to miaubiz
 
High CVE-2012-2830 : Wild pointer in array value setting. Credit to miaubiz
 
Low CVE-2012-2764 : Unqualified load of metro DLL. Credit to Moshe Zioni of Comsec Consulting (Windows only)
 
High CVE-2012-2831 : Use-after-free in SVG reference handling. Credit to miaubiz
 
High CVE-2012-2832 : Uninitialized pointer in PDF image codec. Credit to Mateusz Jurczyk of Google Security Team
 
High CVE-2012-2833 : Buffer overflow in PDF JS API. Credit to Mateusz Jurczyk of Google Security Team
 
High CVE-2012-2834 : Integer overflow in Matroska container. Credit to Juri Aedla
 
Medium CVE-2012-2825 : Wild read in XSL handling. Credit to Nicholas Gregoire
 
High CVE-2012-2807 : Integer overflows in libxml. Credit to Juri Aedla (64-bit Linux only)

크롬을 사용하시는 분들은 업데이트 하여 사용하시길~!!

 

댓글