
Test ID: 1.3.6.1.4.1.25623.1.0.702799
Category: Debian Local Security Checks
Title: Debian Security Advisory DSA 2799-1 (chromium-browser - several vulnerabilities)
Description:
Summary:
Several vulnerabilities have been discovered in the chromium web browser.

CVE-2013-2931
The chrome 31 development team found various issues from internal
fuzzing, audits, and other studies.

CVE-2013-6621
Khalil Zhani discovered a use-after-free issue in speech input
handling.

CVE-2013-6622
cloudfuzzer discovered a use-after-free issue in
HTMLMediaElement.

CVE-2013-6623
miaubiz discovered an out-of-bounds read in the Blink/Webkit SVG
implementation.

CVE-2013-6624
Jon Butler discovered a use-after-free issue in id attribute
strings.

CVE-2013-6625
cloudfuzzer discovered a use-after-free issue in the Blink/Webkit
DOM implementation.

CVE-2013-6626
Chamal de Silva discovered an address bar spoofing issue.

CVE-2013-6627
skylined discovered an out-of-bounds read in the HTTP stream
parser.

CVE-2013-6628
Antoine Delignat-Lavaud and Karthikeyan Bhargavan of INRIA Paris
discovered that a different (unverified) certificate could be used
after successful TLS renegotiation with a valid certificate.

CVE-2013-6629
Michal Zalewski discovered an uninitialized memory read in the
libjpeg and libjpeg-turbo libraries.

CVE-2013-6630
Michal Zalewski discovered another uninitialized memory read in
the libjpeg and libjpeg-turbo libraries.

CVE-2013-6631
Patrik Höglund discovered a use-after-free issue in the libjingle
library.

CVE-2013-6632
Pinkie Pie discovered multiple memory corruption issues.

Affected Software/OS:
chromium-browser on Debian Linux

Solution:
For the stable distribution (wheezy), these problems have been fixed in
version 31.0.1650.57-1~deb7u1.

For the testing distribution (jessie), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 31.0.1650.57-1.

We recommend that you upgrade your chromium-browser packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-references:
Common Vulnerability Exposure (CVE) ID: CVE-2013-6626
Debian Security Information: DSA-2799
http://www.debian.org/security/2013/dsa-2799
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18401
SuSE Security Announcement: openSUSE-SU-2013:1776
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html
SuSE Security Announcement: openSUSE-SU-2013:1777
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html
SuSE Security Announcement: openSUSE-SU-2013:1861
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
SuSE Security Announcement: openSUSE-SU-2014:0065
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-6623
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19311
Common Vulnerability Exposure (CVE) ID: CVE-2013-6631
Common Vulnerability Exposure (CVE) ID: CVE-2013-6625
http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19257
Common Vulnerability Exposure (CVE) ID: CVE-2013-6624
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19168
Common Vulnerability Exposure (CVE) ID: CVE-2013-6630
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html
http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html
https://security.gentoo.org/glsa/201606-03
http://www.mandriva.com/security/advisories?name=MDVSA-2013:273
RedHat Security Advisories: RHSA-2013:1803
http://rhn.redhat.com/errata/RHSA-2013-1803.html
http://www.securitytracker.com/id/1029470
http://www.securitytracker.com/id/1029476
http://secunia.com/advisories/56175
SuSE Security Announcement: openSUSE-SU-2013:1916
http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html
SuSE Security Announcement: openSUSE-SU-2013:1917
http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html
SuSE Security Announcement: openSUSE-SU-2013:1918
http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html
SuSE Security Announcement: openSUSE-SU-2013:1957
http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html
SuSE Security Announcement: openSUSE-SU-2013:1958
http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html
SuSE Security Announcement: openSUSE-SU-2013:1959
http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html
SuSE Security Announcement: openSUSE-SU-2014:0008
http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html
http://www.ubuntu.com/usn/USN-2052-1
http://www.ubuntu.com/usn/USN-2053-1
http://www.ubuntu.com/usn/USN-2060-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-6632
http://www.hppwn2own.com/chrome-nexus-4-samsung-galaxy-s4-falls/
Common Vulnerability Exposure (CVE) ID: CVE-2013-6629
BugTraq ID: 63676
http://www.securityfocus.com/bid/63676
http://security.gentoo.org/glsa/glsa-201406-32.xml
HPdes Security Advisory: HPSBUX03091
http://marc.info/?l=bugtraq&m=140852886808946&w=2
HPdes Security Advisory: HPSBUX03092
http://marc.info/?l=bugtraq&m=140852974709252&w=2
HPdes Security Advisory: SSRT101667
HPdes Security Advisory: SSRT101668
RedHat Security Advisories: RHSA-2013:1804
http://rhn.redhat.com/errata/RHSA-2013-1804.html
RedHat Security Advisories: RHSA-2014:0413
https://access.redhat.com/errata/RHSA-2014:0413
RedHat Security Advisories: RHSA-2014:0414
https://access.redhat.com/errata/RHSA-2014:0414
http://secunia.com/advisories/58974
http://secunia.com/advisories/59058
Common Vulnerability Exposure (CVE) ID: CVE-2013-6628
https://secure-resumption.com/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19108
Common Vulnerability Exposure (CVE) ID: CVE-2013-2931
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19183
Common Vulnerability Exposure (CVE) ID: CVE-2013-6627
https://www.exploit-db.com/exploits/40944/
http://seclists.org/fulldisclosure/2016/Dec/65
http://blog.skylined.nl/20161219001.html
http://packetstormsecurity.com/files/140209/Chrome-HTTP-1xx-Out-Of-Bounds-Read.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19113
Common Vulnerability Exposure (CVE) ID: CVE-2013-6621
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19006
Common Vulnerability Exposure (CVE) ID: CVE-2013-6622
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18335
Copyright: Copyright (C) 2013 Greenbone Networks GmbH http://greenbone.net
