Google Chrome contains a flaw in International Components for Unicode (ICU) that may allow a remote denial of service. The issue is triggered when an out-of-bounds write error occurs. This will cause a loss of availability for the program.

Upgrade to version 13.0.782.107 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• OVAL ID: 14179
• CVE ID: 2011-2791 (see also: NVD)
• Secunia Advisory ID: 45498 45691 50749
• Bugtraq ID: 48960
• ISS X-Force ID: 68953
• Related OSVDB ID: 74228 74229 74230 74231 74232 74233 74234 74235 74236 74237 74238 74239 74240 74242 74243 74244 74245 74246 74247 74248 74250 74251 74252 74253 74254 74255 74256 74257 74258
• Vendor Specific News/Changelog Entry: http://code.google.com/p/chromium/issues/detail?id=86900 [ Auth Req'd ]
  http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html
• Vendor URL: http://google.com/chrome
• Other Advisory URL: http://www.srware.net/forum/viewtopic.php?f=18&t=2552
• Vendor Specific Advisory URL: https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_international_components

• Yang Dingning - NCNIPC, Graduate University of Chinese Academy of Sciences