Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2013-0249)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2013.0249

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2013-0249)

Resumen: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2013-0249 advisory.

Descripción: Summary:
The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2013-0249 advisory.

Vulnerability Insight:
Updated chromium-browser-stable packages fix security vulnerabilities:

Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame
handling (CVE-2013-2881).

Cloudfuzzer discovered a type confusion issue in the V8 javascript library
(CVE-2013-2882).

Cloudfuzzer discovered a use-after-free issue in MutationObserver
(CVE-2013-2883).

Ivan Fratric of the Google Security Team discovered a use-after-free issue in
the DOM implementation (CVE-2013-2884).

Ivan Fratric of the Google Security Team discovered a use-after-free issue in
input handling (CVE-2013-2885).

The chrome 28 development team found various issues from internal fuzzing,
audits, and other studies (CVE-2013-2886).

This update provides version 28.0.1500.95, which fixes these issues.

Additionally, Google Sync should now work (mga#9851), and playing of media
files with certain codecs, such as mp3, should now work with the tainted
build (mga#10828) in Mageia 3.

Affected Software/OS:
'chromium-browser-stable' package(s) on Mageia 2, Mageia 3.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-2881
Debian Security Information: DSA-2732 (Google Search)
http://www.debian.org/security/2013/dsa-2732
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17348
Common Vulnerability Exposure (CVE) ID: CVE-2013-2882
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17329
RedHat Security Advisories: RHSA-2013:1201
http://rhn.redhat.com/errata/RHSA-2013-1201.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-2883
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17525
Common Vulnerability Exposure (CVE) ID: CVE-2013-2884
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17597
Common Vulnerability Exposure (CVE) ID: CVE-2013-2885
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17672
Common Vulnerability Exposure (CVE) ID: CVE-2013-2886
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17704

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2013.0249
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2013-0249)
Resumen:	The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2013-0249 advisory.
Descripción:	Summary: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2013-0249 advisory. Vulnerability Insight: Updated chromium-browser-stable packages fix security vulnerabilities: Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling (CVE-2013-2881). Cloudfuzzer discovered a type confusion issue in the V8 javascript library (CVE-2013-2882). Cloudfuzzer discovered a use-after-free issue in MutationObserver (CVE-2013-2883). Ivan Fratric of the Google Security Team discovered a use-after-free issue in the DOM implementation (CVE-2013-2884). Ivan Fratric of the Google Security Team discovered a use-after-free issue in input handling (CVE-2013-2885). The chrome 28 development team found various issues from internal fuzzing, audits, and other studies (CVE-2013-2886). This update provides version 28.0.1500.95, which fixes these issues. Additionally, Google Sync should now work (mga#9851), and playing of media files with certain codecs, such as mp3, should now work with the tainted build (mga#10828) in Mageia 3. Affected Software/OS: 'chromium-browser-stable' package(s) on Mageia 2, Mageia 3. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2881 Debian Security Information: DSA-2732 (Google Search) http://www.debian.org/security/2013/dsa-2732 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17348 Common Vulnerability Exposure (CVE) ID: CVE-2013-2882 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17329 RedHat Security Advisories: RHSA-2013:1201 http://rhn.redhat.com/errata/RHSA-2013-1201.html Common Vulnerability Exposure (CVE) ID: CVE-2013-2883 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17525 Common Vulnerability Exposure (CVE) ID: CVE-2013-2884 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17597 Common Vulnerability Exposure (CVE) ID: CVE-2013-2885 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17672 Common Vulnerability Exposure (CVE) ID: CVE-2013-2886 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17704
Copyright	Copyright (C) 2022 Greenbone AG