Test ID: 1.3.6.1.4.1.25623.1.1.10.2015.0036
Category: Mageia Linux Local Security Checks
Title: Mageia: Security Advisory (MGASA-2015-0036)
Summary: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2015-0036 advisory.
Description:

Vulnerability Insight:
Updated chromium-browser packages fix security vulnerabilities:

Use-after-free vulnerability in the IndexedDB implementation in Google Chrome
before 40.0.2214.91 allows remote attackers to cause a denial of service or
possibly have unspecified other impact by triggering duplicate BLOB
references, related to content/browser/indexed_db/indexed_db_callbacks.cc and
content/browser/indexed_db/indexed_db_dispatcher_host.cc (CVE-2014-7924).

Use-after-free vulnerability in the WebAudio implementation in Blink, as used
in Google Chrome before 40.0.2214.91, allows remote attackers to cause a
denial of service or possibly have unspecified other impact via vectors that
trigger an audio-rendering thread in which AudioNode data is improperly
maintained (CVE-2014-7925).

The SimplifiedLowering::DoLoadBuffer function in
compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before
40.0.2214.91, does not properly choose an integer data type, which allows
remote attackers to cause a denial of service (memory corruption) or possibly
have unspecified other impact via crafted JavaScript code (CVE-2014-7927).

hydrogen.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not
properly handle arrays with holes, which allows remote attackers to cause a
denial of service (memory corruption) or possibly have unspecified other
impact via crafted JavaScript code that triggers an array copy
(CVE-2014-7928).

Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the
DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91,
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via crafted JavaScript code that triggers improper
maintenance of TreeScope data (CVE-2014-7930).

factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows
remote attackers to cause a denial of service (memory corruption) or possibly
have unspecified other impact via crafted JavaScript code that triggers
improper maintenance of backing-store pointers (CVE-2014-7931).

Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument
function in core/html/HTMLScriptElement.cpp in the DOM implementation in
Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers
to cause a denial of service or possibly have unspecified other impact via
vectors involving movement of a SCRIPT element across documents
(CVE-2014-7929).

Use-after-free vulnerability in the Element::detach function in
core/dom/Element.cpp in the DOM implementation in Blink, as used in Google
Chrome before 40.0.2214.91, allows remote attackers to cause a denial of
service or possibly have unspecified other impact via vectors involving
pending updates of detached elements (CVE-2014-7932).

Use-after-free vulnerability in the DOM implementation in Blink, as used in
Google Chrome before 40.0.2214.91, allows remote ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'chromium-browser-stable' package(s) on Mageia 4.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2014-7924
BugTraq ID: 72288
http://www.securityfocus.com/bid/72288
http://security.gentoo.org/glsa/glsa-201502-13.xml
RedHat Security Advisories: RHSA-2015:0093
http://rhn.redhat.com/errata/RHSA-2015-0093.html
http://www.securitytracker.com/id/1031623
http://secunia.com/advisories/62383
http://secunia.com/advisories/62575
http://secunia.com/advisories/62665
SuSE Security Announcement: openSUSE-SU-2015:0441
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html
http://www.ubuntu.com/usn/USN-2476-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-7925
Common Vulnerability Exposure (CVE) ID: CVE-2014-7927
Common Vulnerability Exposure (CVE) ID: CVE-2014-7928
Common Vulnerability Exposure (CVE) ID: CVE-2014-7929
Common Vulnerability Exposure (CVE) ID: CVE-2014-7930
Common Vulnerability Exposure (CVE) ID: CVE-2014-7931
Common Vulnerability Exposure (CVE) ID: CVE-2014-7932
Common Vulnerability Exposure (CVE) ID: CVE-2014-7934
Common Vulnerability Exposure (CVE) ID: CVE-2014-7935
Common Vulnerability Exposure (CVE) ID: CVE-2014-7936
Common Vulnerability Exposure (CVE) ID: CVE-2014-7938
Common Vulnerability Exposure (CVE) ID: CVE-2014-7939
Common Vulnerability Exposure (CVE) ID: CVE-2014-7941
Common Vulnerability Exposure (CVE) ID: CVE-2014-7942
Common Vulnerability Exposure (CVE) ID: CVE-2014-7943
Common Vulnerability Exposure (CVE) ID: CVE-2014-7946
Common Vulnerability Exposure (CVE) ID: CVE-2014-7948
Common Vulnerability Exposure (CVE) ID: CVE-2015-1205
http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html
http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html
Copyright: Copyright (C) 2022 Greenbone AG
