Google Fixes 11 Flaws in Chrome 13.0.782.215

Google has patched 11 vulnerabilities in its Chrome browser, one of them critical, and paid out more than $8,500 in rewards to researchers for reporting bugs.

The most serious vulnerability that Google fixed in Chrome 13.0.782.215 is a critical memory-corruption flaw in Chrome’s vertex handling. That bug earned researcher Michael Braithwaite a bug bounty of $1337, the highest reward Google paid in this release. The memory-corruption flaw is present in versions of Chrome running on Windows only.

Sergey Glazunov, an independent security researcher, earned $2,500 in rewards for reporting two bugs fixed in the new version of Chrome, and Google’s own security team discovered two of the other flaws.

Of the other 10 vulnerabilities fixed in this release, nine of them are rated high and the last one is rated medium.

The full list of vulnerabilities Google fixed is:

  • [$1000] [Windows only] [72492] Medium CVE-2011-2822: URL parsing confusion on the command line. Credit to Vladimir Vorontsov, ONsec company.
  • [82552] High CVE-2011-2823: Use-after-free in line box handling. Credit to Google Chrome Security Team (SkyLined) and independent later discovery by miaubiz.
  • [$1000] [88216] High CVE-2011-2824: Use-after-free with counter nodes. Credit to miaubiz.
  • [88670] High CVE-2011-2825: Use-after-free with custom fonts. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1283), plus independent later discovery by miaubiz.
  • [$1000] [89402] High CVE-2011-2821: Double free in libxml XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
  • [$1000] [87453] High CVE-2011-2826: Cross-origin violation with empty origins. Credit to Sergey Glazunov.
  • [$1337] [Windows only] [89836] Critical CVE-2011-2806: Memory corruption in vertex handling. Credit to Michael Braithwaite of Turbulenz Limited.
  • [$1000] [90668] High CVE-2011-2827: Use-after-free in text searching. Credit to miaubiz.
  • [91517] High CVE-2011-2828: Out-of-bounds write in v8. Credit to Google Chrome Security Team (SkyLined).
  • [$1500] [32-bit only] [91598] High CVE-2011-2829: Integer overflow in uniform arrays. Credit to Sergey Glazunov.
  • [$1000] [Linux only] [91665] High CVE-2011-2839: Buggy memset() in PDF. Credit to Aki Helin of OUSPG.

Discussion

  • Anonymous on

    I really don't know what's wrong with this browser but it almost crashes more than 10 times a week and it crashes especially when we load some blog sites. Also some website pages are still white. I think something goes wrong in Chrome script as so far it's the only browser to crash so often. I also use Firefox and Avant browser, but all of them work well.

  • George Maier on

    I just want the money. :-)

    thousands of crashes in Chrome: pain and suffering. must i spell it out for y'all? time I spent finding the culprit who may now be stealing from me.

    and more!

    And now they stick it up me arse with e search bar bar.

    YEAH. I want some money!

     

     
