FreeBSD Local Security Checks : FreeBSD Ports: chromium

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.70747

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: chromium

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: chromium

CVE-2011-3924
Use-after-free vulnerability in Google Chrome before 16.0.912.77
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to DOM selections.

CVE-2011-3926
Heap-based buffer overflow in the tree builder in Google Chrome before
16.0.912.77 allows remote attackers to cause a denial of service or
possibly have unspecified other impact via unknown vectors.

CVE-2011-3927
Skia, as used in Google Chrome before 16.0.912.77, does not perform
all required initialization of values, which allows remote attackers
to cause a denial of service or possibly have unspecified other impact
via unknown vectors.

CVE-2011-3928
Use-after-free vulnerability in Google Chrome before 16.0.912.77
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to DOM handling.

This VT has been deprecated and is therefore no longer functional.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-3924
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13887
http://www.securitytracker.com/id?1026569
http://secunia.com/advisories/47694
Common Vulnerability Exposure (CVE) ID: CVE-2011-3926
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14552
Common Vulnerability Exposure (CVE) ID: CVE-2011-3927
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13948
Common Vulnerability Exposure (CVE) ID: CVE-2011-3928
http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14441
http://www.securitytracker.com/id?1026774
http://secunia.com/advisories/48288
http://secunia.com/advisories/48377
XForce ISS Database: apple-webkit-cve20113928-code-execution(73809)
https://exchange.xforce.ibmcloud.com/vulnerabilities/73809

Copyright Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.70747
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: chromium
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: chromium CVE-2011-3924 Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. CVE-2011-3926 Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-3927 Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-3928 Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. This VT has been deprecated and is therefore no longer functional. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3924 http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13887 http://www.securitytracker.com/id?1026569 http://secunia.com/advisories/47694 Common Vulnerability Exposure (CVE) ID: CVE-2011-3926 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14552 Common Vulnerability Exposure (CVE) ID: CVE-2011-3927 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13948 Common Vulnerability Exposure (CVE) ID: CVE-2011-3928 http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14441 http://www.securitytracker.com/id?1026774 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 XForce ISS Database: apple-webkit-cve20113928-code-execution(73809) https://exchange.xforce.ibmcloud.com/vulnerabilities/73809
Copyright	Copyright (C) 2012 E-Soft Inc.