DSA-2192-1 chromium-browser -- severalID: oval:org.secpod.oval:def:600547 | Date: (C)2011-07-05 (M)2022-10-10 |
Class: PATCH | Family: unix |
Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-0779 Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service via a crafted extension. CVE-2011-1290 Integer overflow in WebKit allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.