Test Kennung:	1.3.6.1.4.1.25623.1.0.68950
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: webkit-gtk2
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: webkit-gtk2 CVE-2010-2901 The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. CVE-2010-4040 Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image. CVE-2010-4042 Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to 'stale elements.' CVE-2010-4199 Google Chrome before 7.0.517.44 does not properly perform a cast of an unspecified variable during processing of an SVG use element, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SVG document. CVE-2010-4492 Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations. CVE-2010-4493 Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service via vectors related to the handling of mouse dragging events. CVE-2010-4578 Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to 'stale pointers.' CVE-2011-0482 Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. CVE-2011-0778 Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectors. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2901 Debian Security Information: DSA-2188 (Google Search) http://www.debian.org/security/2011/dsa-2188 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11997 http://secunia.com/advisories/40743 SuSE Security Announcement: SUSE-SR:2011:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2010-4040 BugTraq ID: 44241 http://www.securityfocus.com/bid/44241 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7646 http://secunia.com/advisories/41888 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.vupen.com/english/advisories/2010/2731 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0552 Common Vulnerability Exposure (CVE) ID: CVE-2010-4042 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6654 Common Vulnerability Exposure (CVE) ID: CVE-2010-4199 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11429 http://secunia.com/advisories/42109 Common Vulnerability Exposure (CVE) ID: CVE-2010-4492 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11475 http://secunia.com/advisories/42472 Common Vulnerability Exposure (CVE) ID: CVE-2010-4493 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12129 Common Vulnerability Exposure (CVE) ID: CVE-2010-4578 BugTraq ID: 45390 http://www.securityfocus.com/bid/45390 http://www.gentoo.org/security/en/glsa/glsa-201012-01.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14323 http://secunia.com/advisories/42648 Common Vulnerability Exposure (CVE) ID: CVE-2011-0482 BugTraq ID: 45788 http://www.securityfocus.com/bid/45788 http://osvdb.org/70465 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14662 http://secunia.com/advisories/42951 XForce ISS Database: chrome-anchors-dos(64673) https://exchange.xforce.ibmcloud.com/vulnerabilities/64673 Common Vulnerability Exposure (CVE) ID: CVE-2011-0778 Debian Security Information: DSA-2166 (Google Search) http://www.debian.org/security/2011/dsa-2166 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14228 http://secunia.com/advisories/43368 http://www.vupen.com/english/advisories/2011/0408
Copyright	Copyright (C) 2011 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.