ID de Prueba:	1.3.6.1.4.1.25623.1.0.802338
Categoría:	Privilege escalation
Título:	Google Chrome Mozilla Network Security Services Privilege Escalation Vulnerability - Windows
Resumen:	Google Chrome is prone to a privilege escalation vulnerability.
Descripción:	Summary: Google Chrome is prone to a privilege escalation vulnerability. Vulnerability Insight: The flaw is due to an error in the Mozilla Network Security Services (NSS) library, which can be exploited by sending Trojan horse pkcs11.txt file in a top-level directory. Vulnerability Impact: Successful exploitation will let the local attacker to execute arbitrary code with an elevated privileges. Affected Software/OS: Google Chrome version 16.0.912.21 and prior on Windows Solution: Upgrade to the Google Chrome 17 or later. CVSS Score: 7.1 CVSS Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3640 http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html http://code.google.com/p/chromium/issues/detail?id=97426 https://bugzilla.mozilla.org/show_bug.cgi?id=641052 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414 http://securityreason.com/securityalert/8483 SuSE Security Announcement: openSUSE-SU-2012:0030 (Google Search) https://hermes.opensuse.org/messages/13154861 SuSE Security Announcement: openSUSE-SU-2012:0063 (Google Search) https://hermes.opensuse.org/messages/13155432
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.