본문 바로가기

벌새::Security

업데이트 : Google Chrome 11.0.696.57

반응형
구글(Google)에서 제공하는 오픈 소스 기반 웹 브라우저 Google Chrome 11.0.696.57 정식 버전이 출시되었습니다.

Google Chrome 11 버전에서는 기존(Google Chrome 10)에 비해 성능 향상과 함께 25가지의 보안 패치가 포함되어 있습니다.

1. High 등급

  1. CVE-2011-1303 : Stale pointer in floating object handling.
  2. CVE-2011-1437 : Integer overflows in float rendering.
  3. CVE-2011-1438 : Same origin policy violation with blobs.
  4. CVE-2011-1439 : Prevent interference between renderer processes. (Linux)
  5. CVE-2011-1440 : Use-after-free with <ruby> tag and CSS.
  6. CVE-2011-1441 : Bad cast with floating select lists.
  7. CVE-2011-1442 : Corrupt node trees with mutation events.
  8. CVE-2011-1443 : Stale pointers in layering code.
  9. CVE-2011-1444 : Race condition in sandbox launcher. (Linux)
  10. CVE-2011-1446 : Possible URL bar spoofs with navigation errors and interrupted loads.
  11. CVE-2011-1447 : Stale pointer in drop-down list handling.
  12. CVE-2011-1448 : Stale pointer in height calculations.
  13. CVE-2011-1449 : Use-after-free in WebSockets.
  14. CVE-2011-1451 : Dangling pointers in DOM id map.
  15. CVE-2011-1454 : Use-after-free in DOM id handling.
  16. CVE-2011-1456 : Stale pointers with PDF forms.

2. Medium 등급


  1. CVE-2011-1305 : Linked-list race in database handling. (Linux / Mac)
  2. CVE-2011-1434 : Lack of thread safety in MIME handling.
  3. CVE-2011-1435 : Bad extension with ‘tabs’ permission can capture local files.
  4. CVE-2011-1445 : Out-of-bounds read in SVG.
  5. CVE-2011-1452 : URL bar spoof with redirect and manual reload.
  6. CVE-2011-1455 : Out-of-bounds read with multipart-encoded PDF.

3. Low 등급


  1. CVE-2011-1304 : Pop-up block bypass via plug-ins.
  2. CVE-2011-1436 : Possible browser crash due to bad interaction with X. (Linux)
  3. CVE-2011-1450 : Dangling pointers in file dialogs.

해당 웹 브라우저를 사용하시는 분들은 자동 업데이트를 통한 최신 버전으로 업데이트를 하시고 인터넷을 이용하시기 바랍니다.

728x90
반응형