DSA-2811-1 chromium-browser -- severalID: oval:org.secpod.oval:def:601163 | Date: (C)2014-01-08 (M)2024-04-17 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-6634 Andrey Labunets discovered that the wrong URL was used during validation in the one-click sign on helper. CVE-2013-6635 cloudfuzzer discovered use-after-free issues in the InsertHTML and Indent DOM editing commands. CVE-2013-6636 Bas Venis discovered an address bar spoofing issue. CVE-2013-6637 The chrome 31 development team discovered and fixed multiple issues with potential security impact. CVE-2013-6638 Jakob Kummerow of the Chromium project discoved a buffer overflow in the v8 javascript library. CVE-2013-6639 Jakob Kummerow of the Chromium project discoved an out-of-bounds write in the v8 javascript library. CVE-2013-6640 Jakob Kummerow of the Chromium project discoved an out-of-bounds read in the v8 javascript library.