September 28, 2016

Chrome 16.0.912.75 Fixes Buffer Overflow Vulnerabilities

(LiveHacking.Com) – Google has released Chrome 16.0.912.75 for Windows, Mac and Linux to fix a number of  security vulnerabilities. Under the  Vulnerability Rewards Program, Google paid out $2000 to security researchers for their time and effort in making Chrome more secure.

Fixes included:

  • [$1000] [106672] High CVE-2011-3921: Use-after-free in animation frames. Credit to Boris Zbarsky of Mozilla.
  • [$1000] [107128] High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to Jüri Aedla.
  • [108006] High CVE-2011-3922: Stack-buffer-overflow in glyph handling. Credit to Google Chrome Security Team (Cris Neckar).

Note that Google  keep the referenced bugs private until a majority of users have updated to the latest version.

Full details about what changes have been made in this release are available in the SVN revisions log.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks