| Beschreibung: | Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.
Vulnerability Insight:
The following package is affected: chromium
CVE-2011-3953
Google Chrome before 17.0.963.46 does not prevent monitoring of the
clipboard after a paste event, which has unspecified impact and remote
attack vectors.
CVE-2011-3954
Google Chrome before 17.0.963.46 allows remote attackers to cause a
denial of service (application crash) via vectors that trigger a large
amount of database usage.
CVE-2011-3955
Google Chrome before 17.0.963.46 allows remote attackers to cause a
denial of service (application crash) or possibly have unspecified
other impact via vectors that trigger the aborting of an IndexedDB
transaction.
CVE-2011-3956
The extension implementation in Google Chrome before 17.0.963.46 does
not properly handle sandboxed origins, which might allow remote
attackers to bypass the Same Origin Policy via a crafted extension.
CVE-2011-3957
Use-after-free vulnerability in the garbage-collection functionality
in Google Chrome before 17.0.963.46 allows remote attackers to cause a
denial of service or possibly have unspecified other impact via
vectors involving PDF documents.
CVE-2011-3958
Google Chrome before 17.0.963.46 does not properly perform casts of
variables during handling of a column span, which allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via a crafted document.
Text truncated. Please see the references for more information.
This VT has been deprecated and is therefore no longer functional.
Solution:
Update your system with the appropriate patches or
software upgrades.
CVSS Score:
9.3
CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
