FreeBSD Local Security Checks : FreeBSD Ports: chromium

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.71506

Kategorie: FreeBSD Local Security Checks

Titel: FreeBSD Ports: chromium

Zusammenfassung: The remote host is missing an update to the system; as announced in the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: chromium

CVE-2012-2842
Use-after-free vulnerability in Google Chrome before 20.0.1132.57
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to counter handling.
CVE-2012-2843
Use-after-free vulnerability in Google Chrome before 20.0.1132.57
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to layout height
tracking.
CVE-2012-2844
The PDF functionality in Google Chrome before 20.0.1132.57 does not
properly handle JavaScript code, which allows remote attackers to
cause a denial of service (incorrect object access) or possibly have
unspecified other impact via a crafted document.

This VT has been deprecated and is therefore no longer functional.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2012-2842
http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15664
SuSE Security Announcement: openSUSE-SU-2012:0993 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00009.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-2843
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15569
Common Vulnerability Exposure (CVE) ID: CVE-2012-2844
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15039

Copyright Copyright (C) 2012 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.71506
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: chromium
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: chromium CVE-2012-2842 Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling. CVE-2012-2843 Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking. CVE-2012-2844 The PDF functionality in Google Chrome before 20.0.1132.57 does not properly handle JavaScript code, which allows remote attackers to cause a denial of service (incorrect object access) or possibly have unspecified other impact via a crafted document. This VT has been deprecated and is therefore no longer functional. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2842 http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15664 SuSE Security Announcement: openSUSE-SU-2012:0993 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00009.html Common Vulnerability Exposure (CVE) ID: CVE-2012-2843 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15569 Common Vulnerability Exposure (CVE) ID: CVE-2012-2844 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15039
Copyright	Copyright (C) 2012 E-Soft Inc.