IT
ScaricaQuesta versione
476KB
|
Google Chrome 0.4.154.29 BetaGoogle - 476KB (Open Source) - |
This release upgrades Gears to 0.5.4.2 to address a security issue with Gears 0.5.4.0 and earlier versions:
Gears Cross-Origin Worker Vulnerability
CVE: CVE-2008-5258
A vulnerability in Gears could allow an attacker to run code in the context of a site that serves user-controlled files. To exploit this, an attacker needs to upload a malicious file to the victim's site and convince the user to allow the attacker's site to use Gears.
Severity: High. Even though this requires convincing users to allow a third-party site to use Gears, it could allow data theft and cross-site scripting on sites hosting user-created content, even those that do not use Gears.
Credit: Thanks to Yair Amit, Senior Security Researcher, IBM Rational Application Security Research Team for responsibly reporting the issue to Google.
This release also contains a fix to stop crashes while dragging tabs on computers running Windows Vista.
Gears Cross-Origin Worker Vulnerability
CVE: CVE-2008-5258
A vulnerability in Gears could allow an attacker to run code in the context of a site that serves user-controlled files. To exploit this, an attacker needs to upload a malicious file to the victim's site and convince the user to allow the attacker's site to use Gears.
Severity: High. Even though this requires convincing users to allow a third-party site to use Gears, it could allow data theft and cross-site scripting on sites hosting user-created content, even those that do not use Gears.
Credit: Thanks to Yair Amit, Senior Security Researcher, IBM Rational Application Security Research Team for responsibly reporting the issue to Google.
This release also contains a fix to stop crashes while dragging tabs on computers running Windows Vista.
Software correlato
Opera 12.15
Java Runtime Environment 1.7.0.21 (32-bit)
Flash Player 11.3.300.257 (IE) 64-bit
Shockwave Player 12.0.2.122
Maxthon Cloud Browser 4.0.6.2000
SeaMonkey 2.18 Beta 4
Avant Browser 2013 Build 107
Internet Explorer 9.0 Vista 64
Copia il seguente codice per linkare a questa pagina:
