Info

Disclosure

Dec 13, 2011

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Dec 13, 2011

Description

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Private
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 16.0.912.63 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Google, Inc.

Chrome

15.0.874.121

References

OVAL ID: 14299
CVE ID: 2011-3907 (see also: NVD)
Secunia Advisory ID: 47231 47445
Related OSVDB ID: 77706 77707 77708 77710 77711 77712 77713 77714 77715 77716 77717 77718 77719 77720
Other Advisory URL: http://blog.acrossecurity.com/2012/01/google-chrome-https-address-bar.html
Vendor Specific News/Changelog Entry: http://code.google.com/p/chromium/issues/detail?id=99016
http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html
http://security.gentoo.org/glsa/glsa-201201-03.xml
Mail List Post: http://seclists.org/bugtraq/2012/Jan/19

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/77709