Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.805456 |
Categoría: | General |
Título: | Google Chrome Multiple Vulnerabilities-01 Feb15 (Mac OS X) |
Resumen: | The host is installed with Google Chrome; and is prone to multiple vulnerabilities. |
Descripción: | Summary: The host is installed with Google Chrome and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - Multiple unspecified vulnerabilities in Google Chrome. - The 'OriginCanAccessServiceWorkers' function in content/browser/service_worker/service_worker_dispatcher_host.cc script does not properly restrict the URI scheme during a ServiceWorker registration. - The 'V8ThrowException::createDOMException' function in bindings/core/v8/V8ThrowException.cpp script in the V8 bindings in Blink does not properly consider frame access restrictions during the throwing of an exception. - A use-after-free flaw in the 'VisibleSelection::nonBoundaryShadowTreeRootNode' function in editing/VisibleSelection.cpp script is triggered when a selection's anchor is a shadow root. Vulnerability Impact: Successful exploitation will allow remote attackers gain elevated privileges, bypass cross-origin policies, to cause a denial of service or possibly have unspecified other impact via different crafted dimensions. Affected Software/OS: Google Chrome version prior to 40.0.2214.111 on Mac OS X. Solution: Upgrade to Google Chrome version 40.0.2214.111 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-1212 BugTraq ID: 72497 http://www.securityfocus.com/bid/72497 http://security.gentoo.org/glsa/glsa-201502-13.xml RedHat Security Advisories: RHSA-2015:0163 http://rhn.redhat.com/errata/RHSA-2015-0163.html http://www.securitytracker.com/id/1031709 http://secunia.com/advisories/62670 http://secunia.com/advisories/62818 http://secunia.com/advisories/62917 http://secunia.com/advisories/62925 SuSE Security Announcement: openSUSE-SU-2015:0441 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html http://www.ubuntu.com/usn/USN-2495-1 XForce ISS Database: google-chrome-cve20151212-unspecified(100718) https://exchange.xforce.ibmcloud.com/vulnerabilities/100718 Common Vulnerability Exposure (CVE) ID: CVE-2015-1211 XForce ISS Database: google-chrome-cve20151211-priv-esc(100717) https://exchange.xforce.ibmcloud.com/vulnerabilities/100717 Common Vulnerability Exposure (CVE) ID: CVE-2015-1210 XForce ISS Database: google-chrome-cve20151210-sec-bypass(100716) https://exchange.xforce.ibmcloud.com/vulnerabilities/100716 Common Vulnerability Exposure (CVE) ID: CVE-2015-1209 XForce ISS Database: google-chrome-cve20151209-code-exec(100715) https://exchange.xforce.ibmcloud.com/vulnerabilities/100715 |
Copyright | Copyright (C) 2015 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |