Google Chrome Prior to 42.0.2311.90 Multiple Vulnerabilities

Google Chrome is a web browser for multiple platforms developed by Google. This Google Chrome update fixes 45 vulnerabilities:

CVE-2015-1235: Cross-origin-bypass vulnerability in HTML parser.
CVE-2015-1236: Cross-origin-bypass vulnerability in Blink.
CVE-2015-1237: Use-after-free vulnerability in IPC.
CVE-2015-1238: Out-of-bounds write vulnerability in Skia.
CVE-2015-1240: Out-of-bounds read vulnerability in WebGL.
CVE-2015-1241: Tap-Jacking vulnerability.
CVE-2015-1242: Type confusion vulnerability in V8.
CVE-2015-1244: HSTS bypass vulnerability in WebSockets.
CVE-2015-1245: Use-after-free vulnerability in PDFium.
CVE-2015-1246: Out-of-bounds read vulnerability in Blink.
CVE-2015-1247: Scheme issues in OpenSearch.
CVE-2015-1248: SafeBrowsing bypass vulnerability.
And multiple vulnerabilities in V8

Affected Versions:
Google Chrome versions prior to 42.0.2311.90 are affected.


Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code, cause denial of service condition or possibly have unspecified other impact on the system.
Upgrade to the latest version 42.0.2311.90. The update is available from the Chrome download site.

Here are the links for downloading patches to fix the vulnerabilities:

Google Chrome: MAC OS X

Google Chrome: Window

Leave a Reply