Google patches seven Chrome holes, pays $10,000

By
Follow google news

Sergey Glazunov cleans up.

Google has fixed seven vulnerabilities in the Chrome web browser and paid $10,000 to researchers who reported them.

Google patches seven Chrome holes, pays $10,000

The company also patched security holes in an update for Chrome’s Flash player.

Researcher Sergey Glazunov scored $8000 for reporting five Chrome bugs, including $4500 for three use after free bugs in v8 bindings.

Glazunov has dominated Google’s Chromium security hall of fame which pays researchers for reporting security bugs in the Chrome browser.

A lone critical vulnerability (CVE-2011-3873) patched related to a memory corruption bug in Chrome’s shader translator.

  •  [$1000] [93788] High CVE-2011-2876: Use-after-free in text line box handling. Credit to miaubiz.
  • [$1000] [95072] High CVE-2011-2877: Stale font in SVG text handling. Credit to miaubiz.
  • [$2000] [95671] High CVE-2011-2878: Inappropriate cross-origin access to the window prototype. Credit to Sergey Glazunov.
  • [96150] High CVE-2011-2879: Lifetime and threading issues in audio node handling. Credit to Google Chrome Security Team (Inferno).
  • [$4500] [97451] [97520] [97615] High CVE-2011-2880: Use-after-free in the v8 bindings. Credit to Sergey Glazunov.
  • [$1500] [97784] High CVE-2011-2881: Memory corruption with v8 hidden objects. Credit to Sergey Glazunov.
  • [98089] Critical CVE-2011-3873: Memory corruption in shader translator. Credit to Zhenyao Mo of the Chromium development community.

Add iTnews as your trusted source

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

Bendigo Bank aims to have Australia's "first agentic SOC"

Bendigo Bank aims to have Australia's "first agentic SOC"

ASD to retire Essential Eight cyber security framework within next two years

ASD to retire Essential Eight cyber security framework within next two years

Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases

NAB's SecOps rethink focuses on data expert and dev hires

NAB's SecOps rethink focuses on data expert and dev hires

Log In

  |  Forgot your password?