ID de Prueba:	1.3.6.1.4.1.25623.1.0.801763
Categoría:	Denial of Service
Título:	Google Chrome Multiple Vulnerabilities (Mar 2011) - Windows
Resumen:	Google Chrome is prone to multiple vulnerabilities.
Descripción:	Summary: Google Chrome is prone to multiple vulnerabilities. Vulnerability Insight: The flaws are due to - Not preventing 'navigation' and 'close' operations on the top location of a sandboxed frame. - Cross-origin error message leak. - Error in performing 'box layout'. - Memory corruption error in 'counter nodes'. - Error in 'Web Workers' implementation which allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an error message leak. - Use-after-free vulnerability in 'DOM URL' handling. - Error in 'Google V8', which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. - Use-after-free vulnerability in document script lifetime handling. - Error in performing 'table painting'. - Error in 'OGG' container implementation. - Use of corrupt out-of-bounds structure in video code. - Error in handling DataView objects. - Bad cast in text rendering. - Error in context implementation in WebKit. - Unspecified vulnerability in the 'XSLT' implementation. - Not properly handling 'SVG' cursors. - 'DOM' tree corruption with attribute handling. - Corruption via re-entrancy of RegExp code. Vulnerability Impact: Successful exploitation could allow attackers to cause denial-of-service. Affected Software/OS: Google Chrome version prior to 10.0.648.127 on Windows Solution: Upgrade to the Google Chrome 10.0.648.127 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1185 BugTraq ID: 46785 http://www.securityfocus.com/bid/46785 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14349 http://www.vupen.com/english/advisories/2011/0628 XForce ISS Database: chrome-sandboxed-sec-bypass(65948) https://exchange.xforce.ibmcloud.com/vulnerabilities/65948 Common Vulnerability Exposure (CVE) ID: CVE-2011-1187 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14369 http://secunia.com/advisories/48972 http://secunia.com/advisories/49047 http://secunia.com/advisories/49055 XForce ISS Database: google-unspecified-info-disc(65951) https://exchange.xforce.ibmcloud.com/vulnerabilities/65951 Common Vulnerability Exposure (CVE) ID: CVE-2011-1188 http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14493 XForce ISS Database: google-counter-nodes-code-exec(65952) https://exchange.xforce.ibmcloud.com/vulnerabilities/65952 Common Vulnerability Exposure (CVE) ID: CVE-2011-1189 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14370 XForce ISS Database: google-box-layouts-dos(65953) https://exchange.xforce.ibmcloud.com/vulnerabilities/65953 Common Vulnerability Exposure (CVE) ID: CVE-2011-1190 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14398 XForce ISS Database: google-chrome-info-disc(65954) https://exchange.xforce.ibmcloud.com/vulnerabilities/65954 Common Vulnerability Exposure (CVE) ID: CVE-2011-1191 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14765 XForce ISS Database: google-domurl-code-exec(65955) https://exchange.xforce.ibmcloud.com/vulnerabilities/65955 Common Vulnerability Exposure (CVE) ID: CVE-2011-1193 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14035 XForce ISS Database: google-unspecified-security-bypass(65957) https://exchange.xforce.ibmcloud.com/vulnerabilities/65957 Common Vulnerability Exposure (CVE) ID: CVE-2011-1194 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14461 XForce ISS Database: google-popup-sec-bypass(65958) https://exchange.xforce.ibmcloud.com/vulnerabilities/65958 Common Vulnerability Exposure (CVE) ID: CVE-2011-1195 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14575 XForce ISS Database: google-lifetime-code-execution(65959) https://exchange.xforce.ibmcloud.com/vulnerabilities/65959 Common Vulnerability Exposure (CVE) ID: CVE-2011-1196 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14033 XForce ISS Database: google-ogg-dos(65960) https://exchange.xforce.ibmcloud.com/vulnerabilities/65960 Common Vulnerability Exposure (CVE) ID: CVE-2011-1197 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14703 XForce ISS Database: google-table-painting-dos(65961) https://exchange.xforce.ibmcloud.com/vulnerabilities/65961 Common Vulnerability Exposure (CVE) ID: CVE-2011-1198 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14555 XForce ISS Database: google-video-code-code-execution(65962) https://exchange.xforce.ibmcloud.com/vulnerabilities/65962 Common Vulnerability Exposure (CVE) ID: CVE-2011-1199 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14584 XForce ISS Database: google-dataview-dos(65963) https://exchange.xforce.ibmcloud.com/vulnerabilities/65963 Common Vulnerability Exposure (CVE) ID: CVE-2011-1200 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14419 XForce ISS Database: google-bad-cast-unspecified(65964) https://exchange.xforce.ibmcloud.com/vulnerabilities/65964 Common Vulnerability Exposure (CVE) ID: CVE-2011-1201 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14089 XForce ISS Database: google-webkit-context-dos(65965) https://exchange.xforce.ibmcloud.com/vulnerabilities/65965 Common Vulnerability Exposure (CVE) ID: CVE-2011-1202 http://www.mandriva.com/security/advisories?name=MDVSA-2011:079 http://www.mandriva.com/security/advisories?name=MDVSA-2012:164 http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14244 XForce ISS Database: google-xslt-info-disclosure(65966) https://exchange.xforce.ibmcloud.com/vulnerabilities/65966 Common Vulnerability Exposure (CVE) ID: CVE-2011-1203 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14355 XForce ISS Database: google-svg-cursor-dos(65967) https://exchange.xforce.ibmcloud.com/vulnerabilities/65967 Common Vulnerability Exposure (CVE) ID: CVE-2011-1204 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13585 XForce ISS Database: google-domtree-code-execution(65968) https://exchange.xforce.ibmcloud.com/vulnerabilities/65968 Common Vulnerability Exposure (CVE) ID: CVE-2011-1285 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14571 XForce ISS Database: google-regexp-code-exec(65969) https://exchange.xforce.ibmcloud.com/vulnerabilities/65969 Common Vulnerability Exposure (CVE) ID: CVE-2011-1286 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14455 XForce ISS Database: google-memory-info-discloure(65970) https://exchange.xforce.ibmcloud.com/vulnerabilities/65970
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.