Title: Google Chrome browser/extensions/theme_installed_infobar_delegate.cc ThemeInstalledInfoBarDelegate::Observe Function Extension Tab Interaction Memory Corruption
Oct 26, 2010
Dec 13, 2010
Google Chrome contains a flaw that is triggered as the 'ThemeInstalledInfoBarDelegate::Observe' function [browser/extensions/theme_installed_infobar_delegate.cc] fails to properly handle incorrect tab interaction by an extension. With a specially crafted Chrome extension (CRX) file, a context-dependent attacker can corrupt memory to cause a denial of service or potentially execute arbitrary code.
Loss of Integrity
Upgrade to version 8.0.552.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.