19
Фев

vulnerabilities

Обязательно обновите Гуглохром до последней версии. Замечательный браузер имел вот такие дырки:

Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, or potentially compromise a user’s system.

1) Two errors when resolving domain names and when interpreting configured proxy lists can be exploited to disclose potentially sensitive data.

2) Multiple integer overflow errors in the v8 engine can be exploited to potentially execute arbitrary code.

3) An unspecified error in the processing of «<ruby>» tags can be exploited to potentially execute arbitrary code.

4) An error when processing «<iframe>» tags can be exploited to disclose a redirection target.

5) An error in the password manager can be exploited to incorrectly fill the HTTP authentication dialog presented by another domain with authentication data for the current domain, and potentially disclose saved credentials.

6) An integer overflow error when deserializing a sandbox message can be exploited to potentially execute arbitrary code.

Вроде поправлены. Меж тем, Google Buzz уязвим к банальным cross-site scripting атакам, что может привести к кражам кук, паролей, контента, етс (например, если пользуетесь Buzz из-под гмыла, можно утащить тексты ваших писем и т.д.)

Метки:

Комментарии закрыты.