Google Fixes 30 Bugs in Chrome, Pays $17K in Bounties

Author: Chris Brook
minute read

Google has fixed 30 bugs in version 13.0.782.107, the latest build of its Chrome browser, pushed to the stable channel for Windows, Mac and Linux today.14 of the bugs are deemed high-risk, including cross-origin script injection, HTML range handling and URI handling issues. Nine of the bugs are rated medium priority while just seven are rated low.

Chrome patchGoogle has fixed 30 bugs in version 13.0.782.107, the latest build of its Chrome browser, pushed to the stable channel for Windows, Mac and Linux today.

14 of the bugs are deemed high-risk, including cross-origin script injection, HTML range handling and URI handling issues. Nine of the bugs are rated medium priority while just seven are rated low.

Through the company’s bug bounty program this round of patches paid $17,000 to researchers, one of the largest pay-outs yet. Much like June’s update, a researcher named Miaubiz found the most flaws in Chrome this time through, reporting eight of them to Google for a total of $7,500.

$3000 was awarded to Sergey Glazunov for cross-origin script injection bug and the cross-origin violation in base URI handling bug, among others. The Russian researcher was the first to receive Google’s “elite” $3,133.7 bounty after reporting a critical “stale pointer” flaw in January.

The list of security bugs fixed in Chrome 13.0.782.107 is as follows:

  • [75821] Medium CVE-2011-2358: Always confirm an extension install via a browser dialog. Credit to Sergey Glazunov.
  • [$1000 each] [78841] High CVE-2011-2359: Stale pointer due to bad line box tracking in rendering. Credit to miaubiz and Martin Barbella.[79266] Low CVE-2011-2360: Potential bypass of dangerous file prompt. Credit to kuzzcc.
  • [79426] Low CVE-2011-2361: Improve designation of strings in the basic auth dialog. Credit to kuzzcc.
  • [Linux only] [81307] Medium CVE-2011-2782: File permissions error with drag and drop. Credit to Evan Martin of the Chromium development community.
  • [83273] Medium CVE-2011-2783: Always confirm a developer mode NPAPI extension install via a browser dialog. Credit to Sergey Glazunov.
  • [83841] Low CVE-2011-2784: Local file path disclosure via GL program log. Credit to kuzzcc.
  • [84402] Low CVE-2011-2785: Sanitize the homepage URL in extensions. Credit to kuzzcc.
  • [84600] Low CVE-2011-2786: Make sure the speech input bubble is always on-screen. Credit to Olli Pettay of Mozilla.
  • [84805] Medium CVE-2011-2787: Browser crash due to GPU lock re-entrancy issue. Credit to kuzzcc.
  • [85559] Low CVE-2011-2788: Buffer overflow in inspector serialization. Credit to Mikołaj Małecki.
  • [$500 each] [85808] Medium CVE-2011-2789: Use after free in Pepper plug-in instantiation. Credit to Mario Gomes and kuzzcc.
  • [$1000] [86502] High CVE-2011-2790: Use-after-free with floating styles. Credit to miaubiz.
  • [$1000] [86900] High CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
  • [$1000] [87148] High CVE-2011-2792: Use-after-free with float removal. Credit to miaubiz.
  • [$1000] [87227] High CVE-2011-2793: Use-after-free in media selectors. Credit to miaubiz.
  • [$500] [87298] Medium CVE-2011-2794: Out-of-bounds read in text iteration. Credit to miaubiz.
  • [$500] [87339] Medium CVE-2011-2795: Cross-frame function leak. Credit to Shih Wei-Long.
  • [87548] High CVE-2011-2796: Use-after-free in Skia. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community.
  • [$1000] [87729] High CVE-2011-2797: Use-after-free in resource caching. Credit to miaubiz.
  • [87815] Low CVE-2011-2798: Prevent a couple of internal schemes from being web accessible. Credit to sirdarckcat of the Google Security Team.
  • [$1000] [87925] High CVE-2011-2799: Use-after-free in HTML range handling. Credit to miaubiz.
  • [$500] [88337] Medium CVE-2011-2800: Leak of client-side redirect target. Credit to Juho Nurminen.
  • [$1000] [88591] High CVE-2011-2802: v8 crash with const lookups. Credit to Christian Holler.
  • [88827] Medium CVE-2011-2803: Out-of-bounds read in Skia paths. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [88846] High CVE-2011-2801: Use-after-free in frame loader. Credit to miaubiz.
  • [$1000] [88889] High CVE-2011-2818: Use-after-free in display box rendering. Credit to Martin Barbella.
  • [$500] [89142] High CVE-2011-2804: PDF crash with nested functions. Credit to Aki Helin of OUSPG.
  • [$1500] [89520] High CVE-2011-2805: Cross-origin script injection. Credit to Sergey Glazunov.
  • [$1500] [90222] High CVE-2011-2819: Cross-origin violation in base URI handling. Credit to Sergey Glazunov.

Suggested articles

biggest headlines 2020

The 5 Most-Wanted Threatpost Stories of 2020

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year.

Cybersecurity for your growing business
Cybersecurity for your growing business

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.