Google closes vulnerabilities in Chrome 5


Recommended Posts

5 July 2010,

Google closes vulnerabilities in Chrome 5

Google has released version 5.0.375.99 of Chrome, a security update that addresses four "high" risk vulnerabilities in its WebKit-based browser. According to the developers, all four of the high risk issues could lead to memory corruption caused by either invalid PNG files or SVGs, issues in the Bidirectional algorithm or problems in CSS style rendering. The stable channel update also addresses one medium risk vulnerability related to sandboxed iframes and three low risk issues.

As part of its Chromium Security Reward programme, launched earlier this year, Google has been rewarding those reporting security vulnerabilities. Reported by Team 509 and the Oulu University Secure Programming Group (OUSPG), the discoverers of each of the four high risk vulnerabilities closed in the latest stable update were rewarded with $500 or $1,000. In special cases, a committee can decide to increase the amount to a maximum of $1,337, but the maximum is only awarded for vulnerabilities which are particularly critical, or for particularly clever reports on vulnerabilities and their exploitation.

Full details here: http://www.h-online....-5-1032881.html

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...