FreeBSD Local Security Checks : FreeBSD Ports: chromium

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72479

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: chromium

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: chromium

CVE-2012-2900
Skia, as used in Google Chrome before 22.0.1229.92, does not properly
render text, which allows remote attackers to cause a denial of
service (application crash) or possibly have unspecified other impact
via unknown vectors.
CVE-2012-5108
Race condition in Google Chrome before 22.0.1229.92 allows remote
attackers to execute arbitrary code via vectors related to audio
devices.
CVE-2012-5109
The International Components for Unicode (ICU) functionality in Google
Chrome before 22.0.1229.92 allows remote attackers to cause a denial
of service (out-of-bounds read) via vectors related to a regular
expression.
CVE-2012-5110
The compositor in Google Chrome before 22.0.1229.92 allows remote
attackers to cause a denial of service (out-of-bounds read) via
unspecified vectors.
CVE-2012-5111
Google Chrome before 22.0.1229.92 does not monitor for crashes of
Pepper plug-ins, which has unspecified impact and remote attack
vectors.

This VT has been deprecated and is therefore no longer functional.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-2900
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15725
XForce ISS Database: google-chrome-skia-dos(79063)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79063
Common Vulnerability Exposure (CVE) ID: CVE-2012-5108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15651
XForce ISS Database: google-audio-device-code-exec(79064)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79064
Common Vulnerability Exposure (CVE) ID: CVE-2012-5109
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15774
Common Vulnerability Exposure (CVE) ID: CVE-2012-5110
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14901
Common Vulnerability Exposure (CVE) ID: CVE-2012-5111
http://osvdb.org/86121
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15517

Copyright Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72479
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: chromium
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: chromium CVE-2012-2900 Skia, as used in Google Chrome before 22.0.1229.92, does not properly render text, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. CVE-2012-5108 Race condition in Google Chrome before 22.0.1229.92 allows remote attackers to execute arbitrary code via vectors related to audio devices. CVE-2012-5109 The International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression. CVE-2012-5110 The compositor in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2012-5111 Google Chrome before 22.0.1229.92 does not monitor for crashes of Pepper plug-ins, which has unspecified impact and remote attack vectors. This VT has been deprecated and is therefore no longer functional. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2900 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15725 XForce ISS Database: google-chrome-skia-dos(79063) https://exchange.xforce.ibmcloud.com/vulnerabilities/79063 Common Vulnerability Exposure (CVE) ID: CVE-2012-5108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15651 XForce ISS Database: google-audio-device-code-exec(79064) https://exchange.xforce.ibmcloud.com/vulnerabilities/79064 Common Vulnerability Exposure (CVE) ID: CVE-2012-5109 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15774 Common Vulnerability Exposure (CVE) ID: CVE-2012-5110 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14901 Common Vulnerability Exposure (CVE) ID: CVE-2012-5111 http://osvdb.org/86121 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15517
Copyright	Copyright (C) 2012 E-Soft Inc.