7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
83.2%
Chrome has been updated to 32.0.1700.102 for Windows, Mac, Linux and Chrome Frame.
This update has fixes for the following issues:
and
keyword. (333035)Security Fixes and Rewards
This update includes 14 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
[$1000][330420] High CVE-2013-6649: Use-after-free in SVG images. Credit to Atte Kettunen of OUSPG.
[$3000][331444] High CVE-2013-6650: Memory corruption in V8. This issue was fixed in v8 version 3.22.24.16. Credit to Christian Holler.
We would also like to thank cloudfuzzer and miaubiz for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $6000 in additional rewards were issued.
Many of the above bugs were detected using AddressSanitizer.
A partial list of changes is available in the SVN log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.
Karen Grunberg and Daniel Xie
Google Chrome
CPE | Name | Operator | Version |
---|---|---|---|
google chrome | lt | 32.0.1700.102 |