ID de Prueba:	1.3.6.1.4.1.25623.1.0.71365
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: chromium
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: chromium CVE-2011-3103 Google V8, as used in Google Chrome before 19.0.1084.52, does not properly perform garbage collection, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code. CVE-2011-3104 Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3105 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. CVE-2011-3106 The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of SSL, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. CVE-2011-3107 Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. CVE-2011-3108 Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allows remote attackers to execute arbitrary code via vectors related to the browser cache. CVE-2011-3110 The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. CVE-2011-3111 Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors. CVE-2011-3112 Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document. CVE-2011-3113 The PDF functionality in Google Chrome before 19.0.1084.52 does not properly perform a cast of an unspecified variable during handling of color spaces, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. CVE-2011-3114 Multiple buffer overflows in the PDF functionality in Google Chrome before 19.0.1084.52 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unknown function calls. CVE-2011-3115 Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger 'type corruption.' This VT has been deprecated and is therefore no longer functional. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3103 BugTraq ID: 53679 http://www.securityfocus.com/bid/53679 http://security.gentoo.org/glsa/glsa-201205-04.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15095 http://www.securitytracker.com/id?1027098 http://secunia.com/advisories/49277 http://secunia.com/advisories/49306 Common Vulnerability Exposure (CVE) ID: CVE-2011-3104 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15471 Common Vulnerability Exposure (CVE) ID: CVE-2011-3105 http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html http://osvdb.org/82242 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15535 Common Vulnerability Exposure (CVE) ID: CVE-2011-3106 http://osvdb.org/82251 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15470 Common Vulnerability Exposure (CVE) ID: CVE-2011-3107 http://osvdb.org/82252 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15409 Common Vulnerability Exposure (CVE) ID: CVE-2011-3108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14947 Common Vulnerability Exposure (CVE) ID: CVE-2011-3110 http://osvdb.org/82245 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14666 Common Vulnerability Exposure (CVE) ID: CVE-2011-3111 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15549 Common Vulnerability Exposure (CVE) ID: CVE-2011-3112 http://osvdb.org/82247 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15076 Common Vulnerability Exposure (CVE) ID: CVE-2011-3113 http://osvdb.org/82248 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15566 Common Vulnerability Exposure (CVE) ID: CVE-2011-3114 http://osvdb.org/82249 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15545 Common Vulnerability Exposure (CVE) ID: CVE-2011-3115 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15433 XForce ISS Database: chrome-type-corruption-code-exec(75853) https://exchange.xforce.ibmcloud.com/vulnerabilities/75853
Copyright	Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.