Google today announced the release of the stable version of the Browser Chrome 16, in which the company eliminated 15 vulnerabilities of high and medium danger. Four vulnerabilities relate to the PDF files built into the browser, based on Foxit PDF SDK. Two of them have an average hazard level that allows the attackers to gain access to various parts of system memory, which were originally not busy with a browser. As a result of these attacks, the hacker theoretically can gain access to closed user data.
Two other vulnerabilities allow the PDF park to execute a specially designed code that allows an attack like overflow of the buffer, which is a critically dangerous vulnerability.
Among other identified and eliminated vulnerabilities, some components in the engine responsible for the processing of SVG files are called, as well as in the component working with J a Vascript.
Source: CyberSecurity