Denial of Service : Google Chrome Multiple Denial of Service Vulnerabilities (Jan 2012)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.802376

Categoría: Denial of Service

Título: Google Chrome Multiple Denial of Service Vulnerabilities (Jan 2012) - Mac OS X

Resumen: Google Chrome is prone to multiple denial of service vulnerabilities.

Descripción: Summary:
Google Chrome is prone to multiple denial of service vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- A use-after-free error when the handling of animation frames.

- A boundary error within the 'xmlStringLenDecodeEntities()' function of
libxml2

- A stack based buffer overflow error in glyph handling.

Vulnerability Impact:
Successful exploitation could allow attackers to execute arbitrary code,
cause a denial of service.

Affected Software/OS:
Google Chrome version prior to 16.0.912.75 on Mac OS X

Solution:
Upgrade to the Google Chrome 16.0.912.75 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-3919
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
BugTraq ID: 51300
http://www.securityfocus.com/bid/51300
Debian Security Information: DSA-2394 (Google Search)
http://www.debian.org/security/2012/dsa-2394
http://www.mandriva.com/security/advisories?name=MDVSA-2012:005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14504
RedHat Security Advisories: RHSA-2013:0217
http://rhn.redhat.com/errata/RHSA-2013-0217.html
http://www.securitytracker.com/id?1026487
http://secunia.com/advisories/47449
http://secunia.com/advisories/55568
SuSE Security Announcement: SUSE-SU-2013:1627 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-3921
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13995
Common Vulnerability Exposure (CVE) ID: CVE-2011-3922
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14871

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.802376
Categoría:	Denial of Service
Título:	Google Chrome Multiple Denial of Service Vulnerabilities (Jan 2012) - Mac OS X
Resumen:	Google Chrome is prone to multiple denial of service vulnerabilities.
Descripción:	Summary: Google Chrome is prone to multiple denial of service vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - A use-after-free error when the handling of animation frames. - A boundary error within the 'xmlStringLenDecodeEntities()' function of libxml2 - A stack based buffer overflow error in glyph handling. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code, cause a denial of service. Affected Software/OS: Google Chrome version prior to 16.0.912.75 on Mac OS X Solution: Upgrade to the Google Chrome 16.0.912.75 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3919 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html BugTraq ID: 51300 http://www.securityfocus.com/bid/51300 Debian Security Information: DSA-2394 (Google Search) http://www.debian.org/security/2012/dsa-2394 http://www.mandriva.com/security/advisories?name=MDVSA-2012:005 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14504 RedHat Security Advisories: RHSA-2013:0217 http://rhn.redhat.com/errata/RHSA-2013-0217.html http://www.securitytracker.com/id?1026487 http://secunia.com/advisories/47449 http://secunia.com/advisories/55568 SuSE Security Announcement: SUSE-SU-2013:1627 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html Common Vulnerability Exposure (CVE) ID: CVE-2011-3921 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13995 Common Vulnerability Exposure (CVE) ID: CVE-2011-3922 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14871
Copyright	Copyright (C) 2012 Greenbone AG