Google has released Chrome version 0.2.149.29 to address multiple vulnerabilities.
The four vulnerabilities are due to the following:
- 1. a buffer overflow condition in the handling of filenames displayed in the “Save As” dialog
- 2. a buffer overflow condition in the handling of link targets displayed in the status area when a user hovers over a link
- 3. an out-of-bounds memory read error when parsing URLs ending with :%
- 4. a default configuration that allows files to be downloaded to the desktop without prompting the user first
Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
Google has indicated that the fixed version is being applied to all users through automatic updates.
You can also review the Google Chrome Releases Blog for additional information
