/>
X

Google pays $7,500 for 'high-risk' Chrome browser flaws

The vulnerabilities, patches with Google Chrome 7.0.517.44, affects Windows, Mac, Linux and Chrome Frame users.
ryan-naraine.jpg
Written by Ryan Naraine on

Google has shelled out $7,500 to pay for the latest batch of "high-risk" vulnerabilities affecting users of its flagship Chrome web browser.

The vulnerabilities, patches with Google Chrome 7.0.517.44, affects Windows, Mac, Linux and Chrome Frame users.  The most serious could lead to remote code execution (drive-by download) attacks.

Study: Silent patching best for securing browsers ]

Here's an outline of the security fixes and bounty payouts:

  • [51602] High Use-after-free in text editing. Credit to David Bloom of the Google Security Team, Google Chrome Security Team (Inferno) and Google Chrome Security Team (Cris Neckar).
  • [$1000] [55257] High Memory corruption with enormous text area. Credit to wushi of team509.
  • [$1000] [58657] High Bad cast with the SVG use element. Credit to the kuzzcc.
  • [$1000] [58731] High Invalid memory read in XPath handling. Credit to Bui Quang Minh from Bkis (www.bkis.com).
  • [$500] [58741] High Use-after-free in text control selections. Credit to “vkouchna”.
  • [$1000] [Linux only] [59320] High Integer overflows in font handling. Credit to Aki Helin of OUSPG.
  • [$1000] [60055] High Memory corruption in libvpx. Credit to Christoph Diehl.
  • [$500] [60238] High Bad use of destroyed frame object. Credit to various developers, including “gundlach”.
  • [$500] [60327] [60769] [61255] High Type confusions with event objects. Credit to “fam.lam” and Google Chrome Security Team (Inferno).
  • [$1000] [60688] High Out-of-bounds array access in SVG handling. Credit to wushi of team509.

Google uses a silent/automatic updating utility to patch its Chrome browser.

Related

Apple politely explains why iPhone cases are a waste of money
Apple iPhone 13 Pro Max

Apple politely explains why iPhone cases are a waste of money

Apple
The 8 best iPhone models of 2022
iphone-12-models.png

The 8 best iPhone models of 2022

iPhone
Delta Air Lines just made a callous admission that customers may find galling
screen-shot-2022-07-18-at-5-18-46-pm.png

Delta Air Lines just made a callous admission that customers may find galling

Business