English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.10.2014.0485
Category:Mageia Linux Local Security Checks
Title:Mageia: Security Advisory (MGASA-2014-0485)
Summary:The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2014-0485 advisory.
Description:Summary:
The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2014-0485 advisory.

Vulnerability Insight:
Updated chromium-browser-stable packages fix security vulnerabilities:

Buffer overflow in Skia, as used in Google Chrome before 39.0.2171.65, allows
remote attackers to cause a denial of service or possibly have unspecified
other impact via unknown vectors (CVE-2014-7904).

Use-after-free vulnerability in the Pepper plugins in Google Chrome before
39.0.2171.65 allows remote attackers to cause a denial of service or possibly
have unspecified other impact via crafted Flash content that triggers an
attempted PepperMediaDeviceManager access outside of the object's lifetime
(CVE-2014-7906).

Multiple use-after-free vulnerabilities in
modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used
in Google Chrome before 39.0.2171.65, allow remote attackers to cause a
denial of service or possibly have unspecified other impact via vectors that
trigger improper handling of a detached frame, related to the lock and unlock
methods (CVE-2014-7907).

Multiple integer overflows in the CheckMov function in
media/base/container_names.cc in Google Chrome before 39.0.2171.65 allow
remote attackers to cause a denial of service or possibly have unspecified
other impact via a large atom in MPEG-4 or QuickTime .mov data
(CVE-2014-7908).

effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before
39.0.2171.65, computes a hash key using uninitialized integer values, which
might allow remote attackers to cause a denial of service by rendering
crafted data (CVE-2014-7909).

Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65
allow attackers to cause a denial of service or possibly have other impact
via unknown vectors (CVE-2014-7910).

Affected Software/OS:
'chromium-browser-stable' package(s) on Mageia 3, Mageia 4.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-7904
BugTraq ID: 71166
http://www.securityfocus.com/bid/71166
RedHat Security Advisories: RHSA-2014:1894
http://rhn.redhat.com/errata/RHSA-2014-1894.html
http://www.securitytracker.com/id/1031241
http://secunia.com/advisories/60194
http://secunia.com/advisories/62608
XForce ISS Database: google-chrome-cve20147904-bo(98792)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98792
Common Vulnerability Exposure (CVE) ID: CVE-2014-7906
BugTraq ID: 71159
http://www.securityfocus.com/bid/71159
XForce ISS Database: google-chrome-cve20147906-code-exec(98794)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98794
Common Vulnerability Exposure (CVE) ID: CVE-2014-7907
BugTraq ID: 71170
http://www.securityfocus.com/bid/71170
XForce ISS Database: google-chrome-cve20147907-code-exec(98795)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98795
Common Vulnerability Exposure (CVE) ID: CVE-2014-7908
BugTraq ID: 71168
http://www.securityfocus.com/bid/71168
XForce ISS Database: google-chrome-cve20147908-overflow(98796)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98796
Common Vulnerability Exposure (CVE) ID: CVE-2014-7909
BugTraq ID: 71167
http://www.securityfocus.com/bid/71167
XForce ISS Database: google-chrome-cve20147909-info-disc(98797)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98797
Common Vulnerability Exposure (CVE) ID: CVE-2014-7910
BugTraq ID: 71161
http://www.securityfocus.com/bid/71161
https://www.exploit-db.com/exploits/34879/
XForce ISS Database: google-chrome-cve20147910-multiple-unspec(98798)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98798
CopyrightCopyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.