SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Google Chrome WebGL Vulnerability provides code execution opportunity
Description: The Google Chrome web browser contains a vulnerability that an adversary could exploit to execute code on the victim machine. Chrome is one of the most popular web browsers currently available to users. Cisco Talos researchers recently discovered a bug in WebGL, which is a Chrome API responsible for displaying 3-D graphics. The complete vulnerability advisory, linked in the references below, has additional information.
References: https://blog.talosintelligence.com/2020/10/vuln-spotlight-chrome-web-gl-.html
Snort SIDs: 54638, 54639
Title: Heap buffer overflow bug found in FreeType, a font-rendering engine used in Chrome and other platforms
Description: For users with the FreeType extension, malformed .ttf files with .png sbit glyphs can lead to heap buffer overflows. The bug affects versions 2.6 and later and has been fixed in version 2.10.4. This bug has been exploited in the wild, though no details have been released.
References: https://duo.com/decipher/google-patches-bug-used-in-active-attacks-against-chrome
Snort SIDs: 56130-56133