Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2013.0324
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2013-0324)
Zusammenfassung:	The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2013-0324 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2013-0324 advisory. Vulnerability Insight: Updated chromium-browser-stable packages fix security vulnerabilities: Various fixes from internal audits, fuzzing and other initiatives (CVE-2013-2931). Use after free related to speech input elements (CVE-2013-6621). Use after free related to media elements (CVE-2013-6622). Out of bounds read in SVG (CVE-2013-6623). Use after free related to 'id' attribute strings (CVE-2013-6624). Use after free in DOM ranges (CVE-2013-6625). Address bar spoofing related to interstitial warnings (CVE-2013-6626). Out of bounds read in HTTP parsing (CVE-2013-6627). Issue with certificates not being checked during TLS renegotiation (CVE-2013-6628). libjpeg 6b and libjpeg-turbo will use uninitialized memory when decoding images with missing SOS data for the luminance component (Y) in presence of valid chroma data (Cr, Cb) (CVE-2013-6629). libjpeg-turbo will use uninitialized memory when handling Huffman tables (CVE-2013-6630). Use after free in libjingle (CVE-2013-6631). Affected Software/OS: 'chromium-browser-stable' package(s) on Mageia 2, Mageia 3. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2931 Debian Security Information: DSA-2799 (Google Search) http://www.debian.org/security/2013/dsa-2799 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19183 SuSE Security Announcement: openSUSE-SU-2013:1776 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html SuSE Security Announcement: openSUSE-SU-2013:1777 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html SuSE Security Announcement: openSUSE-SU-2013:1861 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html SuSE Security Announcement: openSUSE-SU-2014:0065 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html Common Vulnerability Exposure (CVE) ID: CVE-2013-6621 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19006 Common Vulnerability Exposure (CVE) ID: CVE-2013-6622 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18335 Common Vulnerability Exposure (CVE) ID: CVE-2013-6623 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19311 Common Vulnerability Exposure (CVE) ID: CVE-2013-6624 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19168 Common Vulnerability Exposure (CVE) ID: CVE-2013-6625 http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19257 Common Vulnerability Exposure (CVE) ID: CVE-2013-6626 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18401 Common Vulnerability Exposure (CVE) ID: CVE-2013-6627 https://www.exploit-db.com/exploits/40944/ http://seclists.org/fulldisclosure/2016/Dec/65 http://blog.skylined.nl/20161219001.html http://packetstormsecurity.com/files/140209/Chrome-HTTP-1xx-Out-Of-Bounds-Read.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19113 Common Vulnerability Exposure (CVE) ID: CVE-2013-6628 https://secure-resumption.com/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19108 Common Vulnerability Exposure (CVE) ID: CVE-2013-6629 BugTraq ID: 63676 http://www.securityfocus.com/bid/63676 http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html http://security.gentoo.org/glsa/glsa-201406-32.xml https://security.gentoo.org/glsa/201606-03 HPdes Security Advisory: HPSBUX03091 http://marc.info/?l=bugtraq&m=140852886808946&w=2 HPdes Security Advisory: HPSBUX03092 http://marc.info/?l=bugtraq&m=140852974709252&w=2 HPdes Security Advisory: SSRT101667 HPdes Security Advisory: SSRT101668 http://www.mandriva.com/security/advisories?name=MDVSA-2013:273 RedHat Security Advisories: RHSA-2013:1803 http://rhn.redhat.com/errata/RHSA-2013-1803.html RedHat Security Advisories: RHSA-2013:1804 http://rhn.redhat.com/errata/RHSA-2013-1804.html RedHat Security Advisories: RHSA-2014:0413 https://access.redhat.com/errata/RHSA-2014:0413 RedHat Security Advisories: RHSA-2014:0414 https://access.redhat.com/errata/RHSA-2014:0414 http://www.securitytracker.com/id/1029470 http://www.securitytracker.com/id/1029476 http://secunia.com/advisories/56175 http://secunia.com/advisories/58974 http://secunia.com/advisories/59058 SuSE Security Announcement: openSUSE-SU-2013:1916 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html SuSE Security Announcement: openSUSE-SU-2013:1917 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html SuSE Security Announcement: openSUSE-SU-2013:1918 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html SuSE Security Announcement: openSUSE-SU-2013:1957 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html SuSE Security Announcement: openSUSE-SU-2013:1958 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html SuSE Security Announcement: openSUSE-SU-2013:1959 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html SuSE Security Announcement: openSUSE-SU-2014:0008 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html http://www.ubuntu.com/usn/USN-2052-1 http://www.ubuntu.com/usn/USN-2053-1 http://www.ubuntu.com/usn/USN-2060-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-6630 Common Vulnerability Exposure (CVE) ID: CVE-2013-6631
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.