选择软件标题...降级到你爱的版本!

状态: 29377 个版本的 1949 个程序

Viewing downloads for Windows Show all downloads

Windows » 网际网路 » Google Chrome » Google Chrome 2.0.172.43

Google Chrome 2.0.172.43

3078 下载

已测试 : 没有间谍软件、广告和病毒

0 调出 5 基于 0 收视率.

Available Downloads: Windows
文件大小: 9.2 MB
发布日期:
许可证: 未知
官方网站: http://www.google.com/chrome/
企业: Google, Inc.
下载总数: 3078
由: Shane_Parkar
评级: (0 表决票)

已测试: 没有间谍软件、广告和病毒

Google Chrome 2.0.172.43 更改日志

Security fixes:

CVE-2009-2935 Unauthorized memory read from Javascript

A flaw in the V8 Javascript engine might allow specially-crafted Javascript on a web page to read unauthorized memory, bypassing security checks. It is possible that this could lead to disclosing unauthorized data to an attacker or allow an attacker to run arbitrary code.

More info: http://code.google.com/p/chromium/issues/detail?id=18639 (This issue will be made public once a majority of users are up to date with the fix.)

Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.

Credit: This issue was found by Mozilla Security.

Mitigations:

* A victim would need to visit a page under an attacker's control.
* Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.

Security Fix: Treat weak signatures as invalid

Google Chrome no longer connects to HTTPS (SSL) sites whose certificates are signed using MD2 or MD4 hashing algorithms. These algorithms are considered weak and might allow an attacker to spoof an invalid site as a valid HTTPS site.

More info: http://code.google.com/p/chromium/issues/detail?id=18725 (This issue will be made public once a majority of users are up to date with the fix.)

Severity: Medium. Further advances in attacks against weak hashing algorithms may eventually permit attacks to forge certificates.

Credit: Dan Kaminsky, Director of Penetration Testing, IOActive Inc., Meredith Patterson and Len Sassaman. See their paper at http://www.ioactive.com/pdfs/PKILayerCake.pdf

CVE-2009-2414 Stack consumption vulnerability in libxml2

CVE-2009-2416 Multiple use-after-free vulnerabilities in libxml2

Pages using XML can cause a Google Chrome tab process to crash. A malicious XML payload may be able to trigger a use-after-free condition. Other tabs are unaffected.

More info: See the CVE entries noted in this report.

Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.

Credit: Original discovery by Rauli Kaksonen and Jukka Taimisto from the CROSS project at Codenomicon Ltd. The Google Chrome security team determined that Chrome was affected.

Mitigations:

Google Chrome 构建

11340

OLDVERSION.COM

选择软件标题...降级到你爱的版本!

Google Chrome 2.0.172.43

Google Chrome 2.0.172.43 更改日志

Google Chrome 构建

站点链接

类别

跟着 OldVersion.com

Old Version