漏洞信息
Google Chrome is a web browser for multiple platforms developed by Google.
This Google Chrome update fixes the following vulnerabilities:
A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A use-after-free memory error may occur in Blink [CVE-2016-5142].
A heap overflow may occur in pdfium [CVE-2016-5139, CVE-2016-5140].
A remote user can bypass same-origin restrictions on images in Blink [CVE-2016-5145].
A remote user can spoof address bar content [CVE-2016-5141].
Some parameter sanitization errors may occur in DevTools [CVE-2016-5143, CVE-2016-5144].
Other errors may occur [CVE-2016-5146].
Affected Versions:
Google Chrome versions prior to 52.0.2743.116 are affected.
漏洞危害
Successful exploitation of these vulnerabilities could allow a remote attacker to bypass certain security restrictions, obtain sensitive information, execute arbitrary code or cause a denial of service condition on the system.
解决方案
Customers are advised to upgrade to Google Chrome 52.0.2743.116 or a later version.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
www.0daybank.org
文章评论