
Test ID: 1.3.6.1.4.1.25623.1.1.10.2015.0123
Category: Mageia Linux Local Security Checks
Title: Mageia: Security Advisory (MGASA-2015-0123)
Summary: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2015-0123 advisory.
Description:

Vulnerability Insight:
Updated chromium-browser packages fix security vulnerabilities:

The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the filters
implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows
remote attackers to cause a denial of service or possibly have unspecified
other impact via vectors that trigger an out-of-bounds write operation
(CVE-2015-1213).

Integer overflow in the SkAutoSTArray implementation in
include/core/SkTemplates.h in the filters implementation in Skia, as used in
Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial
of service or possibly have unspecified other impact via vectors that trigger
a reset action with a large count value, leading to an out-of-bounds write
operation (CVE-2015-1214).

The filters implementation in Skia, as used in Google Chrome before
41.0.2272.76, allows remote attackers to cause a denial of service or
possibly have unspecified other impact via vectors that trigger an
out-of-bounds write operation (CVE-2015-1215).

Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom
function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in
Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers
to cause a denial of service or possibly have unspecified other impact via
vectors that trigger a frame detachment (CVE-2015-1216).

The V8LazyEventListener::prepareListenerObject function in
bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used
in Google Chrome before 41.0.2272.76, does not properly compile listeners,
which allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors that leverage 'type confusion'
(CVE-2015-1217).

Multiple use-after-free vulnerabilities in the DOM implementation in Blink,
as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause
a denial of service or possibly have unspecified other impact via vectors
that trigger movement of a SCRIPT element to different documents, related to
the HTMLScriptElement::didMoveToNewDocument function in
core/html/HTMLScriptElement.cpp and the
SVGScriptElement::didMoveToNewDocument function in
core/svg/SVGScriptElement.cpp (CVE-2015-1218).

Integer overflow in the SkMallocPixelRef::NewAllocate function in
core/SkMallocPixelRef.cpp in Skia, as used in Google Chrome before
41.0.2272.76, allows remote attackers to cause a denial of service or
possibly have unspecified other impact via vectors that trigger an attempted
allocation of a large amount of memory during WebGL rendering
(CVE-2015-1219).

Use-after-free vulnerability in the GIFImageReader::parseData function in
platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google
Chrome before 41.0.2272.76, allows remote attackers to cause a denial of
service or possibly have unspecified other impact via a crafted frame size in
a GIF ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'chromium-browser-stable' package(s) on Mageia 4.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2015-1213
BugTraq ID: 72901
http://www.securityfocus.com/bid/72901
https://security.gentoo.org/glsa/201503-12
RedHat Security Advisories: RHSA-2015:0627
http://rhn.redhat.com/errata/RHSA-2015-0627.html
http://www.ubuntu.com/usn/USN-2521-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-1214
Common Vulnerability Exposure (CVE) ID: CVE-2015-1215
Common Vulnerability Exposure (CVE) ID: CVE-2015-1216
Common Vulnerability Exposure (CVE) ID: CVE-2015-1217
Common Vulnerability Exposure (CVE) ID: CVE-2015-1218
Common Vulnerability Exposure (CVE) ID: CVE-2015-1219
Common Vulnerability Exposure (CVE) ID: CVE-2015-1220
Common Vulnerability Exposure (CVE) ID: CVE-2015-1221
Common Vulnerability Exposure (CVE) ID: CVE-2015-1222
Common Vulnerability Exposure (CVE) ID: CVE-2015-1223
Common Vulnerability Exposure (CVE) ID: CVE-2015-1224
Common Vulnerability Exposure (CVE) ID: CVE-2015-1225
Common Vulnerability Exposure (CVE) ID: CVE-2015-1226
Common Vulnerability Exposure (CVE) ID: CVE-2015-1227
Common Vulnerability Exposure (CVE) ID: CVE-2015-1228
Common Vulnerability Exposure (CVE) ID: CVE-2015-1229
Common Vulnerability Exposure (CVE) ID: CVE-2015-1231
Common Vulnerability Exposure (CVE) ID: CVE-2015-1232
Copyright: Copyright (C) 2022 Greenbone AG
