| Beschreibung: | Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.
Vulnerability Insight:
The following package is affected: chromium
CVE-2012-5130
Skia, as used in Google Chrome before 23.0.1271.91, allows remote
attackers to cause a denial of service (out-of-bounds read) via
unspecified vectors.
CVE-2012-5132
Google Chrome before 23.0.1271.91 allows remote attackers to cause a
denial of service (application crash) via a response with chunked
transfer coding.
CVE-2012-5133
Use-after-free vulnerability in Google Chrome before 23.0.1271.91
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to SVG filters.
CVE-2012-5134
Heap-based buffer underflow in the xmlParseAttValueComplex function in
parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before
23.0.1271.91, allows remote attackers to cause a denial of service or
possibly execute arbitrary code via crafted entities in an XML
document.
CVE-2012-5135
Use-after-free vulnerability in Google Chrome before 23.0.1271.91
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to printing.
CVE-2012-5136
Google Chrome before 23.0.1271.91 does not properly perform a cast of
an unspecified variable during handling of the INPUT element, which
allows remote attackers to cause a denial of service or possibly have
unknown other impact via a crafted HTML document.
This VT has been deprecated and is therefore no longer functional.
Solution:
Update your system with the appropriate patches or
software upgrades.
CVSS Score:
7.5
CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
