OSVDB ID: 84511

Title: Google Chrome PDF Viewer Unspecified Use-after-free Remote Code Execution

Info

Disclosure

Aug 08, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Aug 08, 2012

Description

Google Chrome contains a flaw that is triggered when an unspecified use-after-free error in the PDF viewer. This may allow a context-dependent attacker to execute arbitrary code. No further details have been provided.

Classification

Location: Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Private
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 21.0.1180.75 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Google, Inc.

Chrome

21.0.1180.74

References

OVAL ID: 14788
CVE ID: 2012-2862 (see also: NVD)
Secunia Advisory ID: 50222
Related OSVDB ID: 84510
Vendor Specific News/Changelog Entry: http://googlechromereleases.blogspot.com/2012/08/stable-channel-update.html
Vendor Specific Advisory URL: https://code.google.com/p/chromium/issues/detail?id=136643
https://code.google.com/p/chromium/issues/detail?id=137721
https://code.google.com/p/chromium/issues/detail?id=137957

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/84511